Single Sign On

[Tom]

I am trying to establish an infrastructure whereby I want
only one login screen for my .net application users.


In my experience, if the user's domain is different than
the application domain, the user is presented with the
Windows login screen a second time.

Is it possible for the browser to pass credentials from
one domain to the next?

If so, can anyone assist?

Tom

Real life example:
Employee turns his PC on and logs on to the network by
entering in his user id, password and domain.

Now my user launches a browser and navigates to the base
site he is presented with a login screen. Note: The base
site is used to gain access to all other applications.

Now if the domain is the same as the application domain,
then when my user logins in he is able to navigate to all
other secure web sites without entering any more
credentials.

But if my user's domain is different than the
application's domain, when he tries navigating to one of
these sites, he is presented with the Windows logon screen.

 

[Yan-Hong Huang[MSFT]]

Hello Tom,

Thanks for posting in the group.

I noticed that you have posted the same question in vsnet.general group. I
have answered it. If you have time, you could check my reply there.

Best regards,
Yanhong Huang
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
!Content-Class: urn:content-classes:message
!From: "Tom" <[email protected]>
!Sender: "Tom" <[email protected]>
!Subject: Single Sign On
!Date: Sat, 30 Aug 2003 13:43:34 -0700
!Lines: 33
!Message-ID: <[email protected]>
!MIME-Version: 1.0
!Content-Type: text/plain;
! charset="iso-8859-1"
!Content-Transfer-Encoding: 7bit
!X-Newsreader: Microsoft CDO for Windows 2000
!Thread-Index: AcNvN2E9eOSB2iPtTpKEGzUXkWSErg==
!X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
!Newsgroups:
microsoft.public.vsnet.general,microsoft.public.dotnet.languages.csharp
!Path: cpmsftngxa06.phx.gbl
!Xref: cpmsftngxa06.phx.gbl microsoft.public.dotnet.languages.csharp:181055
microsoft.public.vsnet.general:11992
!NNTP-Posting-Host: TK2MSFTNGXA13 10.40.1.165
!X-Tomcat-NG: microsoft.public.dotnet.languages.csharp
!
!I am trying to establish an infrastructure whereby I want
!only one login screen for my .net application users.
!
!
!In my experience, if the user's domain is different than
!the application domain, the user is presented with the
!Windows login screen a second time.
!
!Is it possible for the browser to pass credentials from
!one domain to the next?
!
!If so, can anyone assist?
!
!Tom
!
!Real life example:
!Employee turns his PC on and logs on to the network by
!entering in his user id, password and domain.
!
!Now my user launches a browser and navigates to the base
!site he is presented with a login screen. Note: The base
!site is used to gain access to all other applications.
!
!Now if the domain is the same as the application domain,
!then when my user logins in he is able to navigate to all
!other secure web sites without entering any more
!credentials.
!
!But if my user's domain is different than the
!application's domain, when he tries navigating to one of
!these sites, he is presented with the Windows logon screen.
!
!
!