Hi Hatton,
problems with what you're doing is that these authentication schemes typically
keep an auth cookie in the browser. When making an authentication request from
another server, that cookie stays on the requesting entity - the server itself.
You would have to pass the contents of that authentication cookie from the
proxy to the client browser.
This is easily done when you know the contents of that cookie. However, in
Integrated Windows Authentication (IWA), you'll only get a hash of the password
that cookie. The username/password
>So my boss comes to me the other day and says, "I want to provide our
>clients with a unified login for all the various web based tools we
>provide." I said that I could.
>
>We're building a new front-end that is going to accept a client login
>and then provide links to the various tools we offer. My thought is
>to tie the unified login via a database to the login credentials for
>the other sites. There is going to be a "proxy page" that will handle
>the HTTP calls to the other sites so session consistency won't be an
>issue.
>
>My big issue now is how to call a page that uses Windows (or
>windows-like) authentication. Is it as simple as passing the username
>and password parameters for a CFHTTP call? The sites that I'm going
>to be linking to use either the IIS authentication or web form
>authentication.
>
>I know I can fudge the login for the web form with a CFHTTP post...
>has anyone else built a web proxy like this?
>
>Thanks!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Upgrade to Adobe ColdFusion MX7
The most significant release in over 10 years. Upgrade & see new features.
http://www.adobe.com/products/coldfusion?sdid=RVJR
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:274831
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
