Re: Links from Microsoft Word losing authentication context.

[Tony Wright]

Yea, I've seen that article. It refers to single sign on, which isn't
really what I'm doing, but I can see that the underlying idea that Word
creates a brand new session is why it's doing it. Perhaps they thought it
opened the door to potential security violations by allowing it to utilise
cookies.

On 20 Jan. 2018 8:36 pm, "Richard Carde"  wrote:

> Rings a bell and I've come across this quite some time ago.
>
> Refer to the following, it probably relates to your situation:
> https://support.microsoft.com/en-us/help/899927/you-are-
> redirected-to-a-logon-page-or-an-error-page-or-you-are-prompte
>
> *The Web site in the hyperlink uses a Single Sign-On (SSO) authentication
> system that relies on HTTP session cookies for client identification. Even
> if you have already provided user credentials, you are prompted to provide
> the user credentials again.*
>
> Regards,
>
> RC
>
> On 20 January 2018 at 18:48, Tony Wright  wrote:
>
>> Hi people,
>>
>> I have an issue with an asp.net mvc application. Essentially, if I log
>> into the application, and I tick the "remember me" box, it stores a cookie
>> with the authentication details and logs me in.
>>
>> Any time I come back to that site within the timeframe set within the
>> context of that saved authentication cookie, I am logged in automatically.
>> That actually works ok, no problems there.
>>
>> But when the link to a page within my site is saved inside a Word
>> document, and I hold down the ctrl key and click the link, it opens up the
>> browser, attempts to go to the right web page, but it doesn't use the
>> cookie, so it requires me to log in again.
>>
>> Outside of Word, I can still put the link into the browser and it will
>> remember the security context and log me in.
>>
>> Has anyone else experienced this? Is it possible to get it to
>> automatically authenticate using the cookie, because this kind of behaviour
>> makes me feel like it was by design.
>>
>> Any ideas?
>>
>> Regards,
>> Tony
>>
>>
>>
>

Re: Links from Microsoft Word losing authentication context.

[Richard Carde]

Rings a bell and I've come across this quite some time ago.

Refer to the following, it probably relates to your situation:
https://support.microsoft.com/en-us/help/899927/you-are-redirected-to-a-logon-page-or-an-error-page-or-you-are-prompte

*The Web site in the hyperlink uses a Single Sign-On (SSO) authentication
system that relies on HTTP session cookies for client identification. Even
if you have already provided user credentials, you are prompted to provide
the user credentials again.*

Regards,

RC

On 20 January 2018 at 18:48, Tony Wright  wrote:

> Hi people,
>
> I have an issue with an asp.net mvc application. Essentially, if I log
> into the application, and I tick the "remember me" box, it stores a cookie
> with the authentication details and logs me in.
>
> Any time I come back to that site within the timeframe set within the
> context of that saved authentication cookie, I am logged in automatically.
> That actually works ok, no problems there.
>
> But when the link to a page within my site is saved inside a Word
> document, and I hold down the ctrl key and click the link, it opens up the
> browser, attempts to go to the right web page, but it doesn't use the
> cookie, so it requires me to log in again.
>
> Outside of Word, I can still put the link into the browser and it will
> remember the security context and log me in.
>
> Has anyone else experienced this? Is it possible to get it to
> automatically authenticate using the cookie, because this kind of behaviour
> makes me feel like it was by design.
>
> Any ideas?
>
> Regards,
> Tony
>
>
>