Reputation: 11
Share Credentials between ASP.NET website and SharePoint 2007
Here is my problem :
1) I have an ASP.NET website which is the main entry point in the application.
This website uses Forms authentication, which validates credentials (username/password) against a database.
2) Once logged on the website, the user is displayed a page containing several links which point to a Sharepoint 2007 application, where authentication is managed by an Active Directory.
3) Every user in the Active Directory is duplicated in the database managing the ASP.NET website authentication.
4) The ASP.NET website and the SP 2007 application are NOT on the same domain.
The problem we are facing is that the users first have to enter their credentials to access the ASP.NET website. Then, clicking on a link pointing on the SP 2007 application, they're prompted another .htaccess-like window in order to authenticate them against the Active Directory.
The question is :
Is it possible to kind-of pass the credentials the user first entered to access the ASP.NET website in the HTTP context so that when he clicks on a link pointing to SP 2007, he's not asked to enter his credentials again ?
I've already successfully validated credentials against an AD, but I'm stuck at where do I have to extend the ASP.NET authentication process so I can inject the SP-related domain credentials into the context.
Hope I was clear, feel free to ask for more information if needed.
And just to be clear, bypassing the first step (ASP.NET website authentication) is mandatory :-)
Thanks everyone,
Mick
Upvotes: 1
Views: 1250
Answers (1)
Reputation: 6765
Does sharepoint have ntlm or forms based authentication? (I'm guessing ntlm because of the login poup)
I have built something like that with sharepoint forms auth where:
- 1.User logs into ASP.NET application
- 2.Auth cookie created
- 3.Auth token stored in database
- 4.User goes to sharepoint
- 5.Custom HttpModule checks cookie and token
- 6.Logs user into sharepoint using HttpApplication.AuthenticateRequest and FormsAuthenticationTicket
I suppose you could do something similar with ntlm auth but it might not be possible as the browser is doing the authentication. A whole bunch of different headers get sent. (eg WWW-Authenticate Authorization). It must be noted that developing a custom HttpModule is not a novice task.
You said: 3) Every user in the Active Directory is duplicated in the database managing the ASP.NET website authentication. I hope the passwords are not clear text in that database
And said: And just to be clear, bypassing the first step (ASP.NET website authentication) is mandatory :-) Do you mean "is not mandatory"?
Upvotes: 1
Related Questions
- Sharing authentication between two web applications
- Sharing authentication between ASP.NET and WordPress
- Sharing ASP.NET logged in user data between two sites
- Login on site with other site creadentials in asp.net
- ASP.Net Cross-Site Authentication
- Can I use SharePoint to authenticate users on a separately hosted website?
- Pass user credentials between SharePoint web application and ASP.NET web application
- Sharing ASP.NET authentication between sites
- Sharing Authentication between ASP.NET sites
- How to authenticate users on one site and pass credentials to other site? ( Windows Authentication, ASP.Net)