Security :: Fetch A Page From A Remote Php Web Appln In A Different Domain?
Feb 4, 2011
I am trying to fetch a page from a remote php web appln in a different domain. The page contains a chart image which I need to display in my web app. The chart image is dynamically generated using jquery.
Now the remote web app needs to authenticate myself as user i.e username of my machine. So the first time I made a request for its first page it asked for my username and password in the browser ( I.E). From next time it doesn't ask for my username and password and opens the first page.My username was added to the user DB and probably it stores my IP or computer name.Then the chart page also opens in the browser(I.E).
After some time if I try to open the chart page it comes up with some messages and junk values.
But if I again open the first page and then the chart page in the browser it opens up with the proper chart image. So everytime I need to access the chart image I need to authenticate first by opening the first page since the session timeout for authentication is not known. The above process which was happening in browser has to be replicated in my code (C#) in my web app. Now for authenticating myself i.e myusername to the remote appln I write the code below but all I get is some messages and junk values. so how do I authenticate and then access this chart page.
Can I get who the remote user is on IIS Server that is not part of the domain without challenging/prompting the user? I am thinking not, but wanted to see if anyone had a different answer. I added the server to my intranet zone but that didn't cause IE to send any user information. Or maybe it did but since the IIS server is not part of that domain it can't do anything with the user information. I am looking at the ServerVariables in the Request object.
my website need a function to allow domain users jump over the login page and directly access the contents of the site. but for other users which there are not in the domain or they are not the member of the domain then they have to login the website through the login page.
this is different with ask user login to the domain through a login page. the website must distinguish is the user a domain user and the user name in the domain or not when the user first time access website.
I am trying to build a login page as follows.On the machine on which i want to host the application i have a windows administrators group in which some windows domain users are.Now on building the login page i only want those people to access the application on login. What is the best way to acomplish this.
My feeling says it's not posible but anyway I am curious if there is at least a workaround for accomplish this.Basically I am working at my client site and my machine is not connected to the domain.What I want to do is running a web application locally under a domain account, and using the webdev server.The webapp uses the default authentication, windows authentication that is.I tried using impersonation with domainuser & password but I got the following error Could not create Windows user token from the credentials specified in the config file. Error from the operating system 'Logon failure: unknown user name or bad password.I have to mention that the username and the password are correct.
I am browsing the page (http://jessie.mydomain.com/), then i click the Logout button in this page, it will be logout successful but it will not redirect to the page (http://www.mydomain.com/Default.aspx), it will show (http://jessie.mydomain.com/Default.aspx).
I have an Asp.net 3.5 xml web service that I created using the file new website within Visual Studio 2008. I can install and run the web service on a remote server using a web setup project after adding the necessary entries to the web.config file. The problem currently is that the xml web service needs to be configured to use a domain name and not a server name. My coworker has not been able to configure the virtual directory to use a domain name and work successfully. The web service returns a site under construction error.
I have a domain: http://www.mydomain.com. This domain is redirected to http://mydomain.anotherDomain.com.
I user forms authorization, so when the user navigates to Default.aspx he is redirected to Login.aspx. Pretty standard stuff.
On FireFox the user can log in on both on http://www.mydomain.com and http://mydomain.anotherDomain.com.
But with Explorer http://www.mydomain.com doesn't work. I only get the Login.aspx page.
Can it have anything to do with that on http://www.mydomain.com I can't see the filename ('Default.aspx', 'Login.aspx')? How can I enable so the filename is included in the redirected domain?
I have an intranet web application. There are 2 user groups, group A belongs to the domain and group B does not. If I set the IIS to enable anonymous access, Request.ServerVariables("LOGON_USER") always return nothing. If I disable anonymous access and set Integrated Windows authenication, a Windows login prompt will come up if group B's users want to access the website.
How can I setup IIS so that when domain user access the website, it will direct to the main page with Session("user_name") = Request.ServerVariables("LOGON_USER"). If a user is not a domain user, the website will direct him/her to a login.aspx instead of having the Windows authenication prompt, then set Session("user_name") = txtUserName.Text, and finally redirect to the website main page ?
We have a website for our company on one domain and we have a login form to a webmail solution on another domain.Now i would like to build a form on our website the transfers the request to the login form on the webmail domain and automatically validate the user if user and pass are correct.Need help to find the correct way of doing this. The domains is hosted by our company, the website and webmail is on different servers. I don't want to use the querystring,
I developed a WCF Service Library and I am tring to host the service in a console Applicationusing netTcpIp binding.I get the following error when I try to access the method from a Widows Project which is in the Same Solution"No connection could be made because the target machine actively refused it 127.0.0.1:9000"My Solution has 3 projects1.WCFServiceLibrary 2.Console app to host the service 3.Window App to access the service.Operation System is Windows XPIIS version 5.1
I am trying to achieve a SSO implimentation across my websites so i am using the machine key attribute to do so.now the trouble starts here as the website the user logs in is on the .net 1.1 framework and the website it it navigating to is .net 4.0.I have share the same machine-key across both the application . It works fine in my testing environment but as i move to the deployment server ,it just dosent work !So what i could do is read this article on MSDN :
http://msdn.microsoft.com/en-us/library/eb0zx8fc.aspx this tells me to add a domin attribute like below <forms loginUrl="~Login.aspx" defaultUrl="Default.aspx" protection="All" timeout="80" name=".ASPXAuth" domain="asbc.com"/> but this thing just dosent work on the 1.1 application and throws an error Unrecognized attribute 'domain'.
Where do i get to mention the domin in my 1.1 application.?
This site needs to get a request from another web site/different domain. How can I check whether the request is coming from right web site so that no any hacker will take an opportunity to enter in my web site.
For this, client does not want to share encryption logic, query string or stroring session state in the same cookie.
I am looking to get the data from any given domain names SSL certificate. For example I want to put in any website address e.g. "www.asp.net" and my code would firstly check if an SSL certificate exists. If it does then I want it to pull out the Issuer, Subject, Valid From and Valid Until etc. The intention is to create an SSL certificate checker similar to this: [URL]
How can I do this ASP.net???? - I have looked up loads of different things such as RequestCertificateValidationCallback and ClientCertificates etc.
would I create a HTTPWebRequest and then somehow request the client certificate and specific elements that way?
Ok I created a web app with membership & role, intially I had 2 db but combined data with the default aspnetdb.mdf created to simplify.I then used "copy web" to move all asp files & roles folders to remote server in a sub domain directory.Created a backup of the aspnetdb.mdf and then ftp to sub domain directory which was then loaded by the host as MS SQL db name: aspnetdb3.Now, I know I need to change the web.config connection settings but to what???here is the initial connection setting:
I want to fetch output as string. I want to run webpage from my code like [URL]after running i want to keep whole values in a string and again in next step i want to search all anchor href values from the string. But initially how will get domain ouput as string ASP.net.
My intranet web application uses Forms Authentication. How do i get the Active directory domain nameusername of the logged in user. The IIS directory security settings for the app are:
Anonymous User Access : Ticked Integrated Windows Authentication : Ticked
I tried using the following but to no avail
System.Security.Principal.WindowsIdentity.GetCurrent().Name ----> returns NT AUTHORITYNETWORK SERVICE Request.LogonUserIdentity.Name -----> returns The username used for anonymous access
ineed to pass this information to an external application for the current user to gain access to the system. Can i untick Anonymous user access in IIS and continue using forms authentication? what are the other options.
is there a way i could find out how to get all the users in a group on my domain, i have a domain called "cot", within that domain we have multiple groups like "RO,Admin,PM,SPM and 2 or 3 more", i need to get all the users in a particular group, i am using vs2008 and coding on webforms with c#, i have tried various example i could find online but none have worked for me so far.
I have the IIS webserver on Domain A. I have many users on Domain B, C, D, E.
I've set the NTFS security permission for each user and his/her domain to the webserver's security ntfs permission folder. But it is still not authenticating. So what do I need to do to enable this feature? I am using windows 2003 webserver.
I have a problem. On the one domain [URL] save employees in another domain [URL] save other employees. What is the best solution for this? Do I need to save each table id_domain?
All I'm trying to do is pull the current user's login name from Active Directory. I've tried User.Identity.Name.ToString, which returned nothing at all. I tried Environment.UserName.ToString, Which returned "NETWORK SERVICE" which is not the firstname.lastname username that I was expecting.
