Security :: Way To Authenticate A Cross-domain Request For Two Intranet Sites Using AD
Apr 22, 2010
I'm still new to windows authentication. Basically, we have a page on http://externalsite.com that needs to be accessed only by an authenticated user originating from http://internalsite. The user on internalsite is already authenticated using windows authentication.I'm confused here. How can I validate the user and obtain their role so that i can not only validate that they are authentic, but to authorize them to use this page on externalsite.com?
View 2 Replies
Similar Messages:
Mar 3, 2010
I have integrated Third party advertise module in my website. their domain s "http://rotator.adjuggler.com/".they read cookie from this domain and display advertise based on cookies value. now I want to set cookies on this domain from my website.though this is not possible. they have provided url to set cookies.http://rotator.adjuggler.com/servlet/cookie?action=set&name=test&value=1&maxage=2592000we can set cookies on their doemain by calling above ur.Problem:1) we can't make xmlHttp request because this is cross-doamin link.2) we can't use jquery because it uses xmlHttp as native implementation.3) i have tried to set above url in <img src="..." > and <script src="...">. both not working.but when i paste above url in address bar it works.can anybody have idea how to call above url from Code.
View 2 Replies
Jul 16, 2010
We are using IIS6 and .Net Framework 2.0 for our intranet with Windows and Digest Authentication . We have 2 domains that have access to this intranet. I suddenly have the need to display slightly different content for users from Domain A. The changes are rather trivial (text on a label and and image in a header) but important to our stakeholders.
View 4 Replies
Oct 28, 2010
I have the IIS webserver on Domain A. I have many users on Domain B, C, D, E.
I've set the NTFS security permission for each user and his/her domain to the webserver's security ntfs permission folder. But it is still not authenticating. So what do I need to do to enable this feature? I am using windows 2003 webserver.
View 2 Replies
Jun 18, 2010
I have two different web sites in Intranet zone. They are placed in one domain (like http://site1 and http://site2.site1). They use Windows Authentication for common domain (like mycorpUser1, mycorpUser2, mycorpUser3).First web site(http://site1) have iframe element with hyperlink to second web site(http://site2.site1). When user loads first web site he needs write login and password twice. How to make that http://site1 and http://site2.site1 ask authentication only once?
View 2 Replies
Jan 20, 2010
How can I get a user's geolocation information (City and Country - internet service provider and internet speed would also be great) based on their IP address?
I've searched and found several tools for doing this but I seem to run into problems using them with asp.net mvc. Many of them relate to using json and the "security risk" involved in cross domain ajax calls.
View 1 Replies
Feb 22, 2011
I wont to restrict my web service only for few domains.
I wont to have access to web service from using ajax and my page, and I don't want that anybody can create client to my WebService and view my web service methods.
View 4 Replies
Mar 10, 2010
I am browsing the page (http://jessie.mydomain.com/), then i click the Logout button in this page, it will be logout successful but it will not redirect to the page (http://www.mydomain.com/Default.aspx), it will show (http://jessie.mydomain.com/Default.aspx).
(1) In master page,
[Code]....
[Code]....
View 3 Replies
Sep 25, 2010
I am working on an app where users are only allowed access if they click through from certain URLs. I.e. I need to authenticate by using the referral url and I am using
Request.UrlReferrer to achieve this.
I am guessing that the Request.UrlReferrer can be tampered with by malicious users to gain access...
View 3 Replies
Jul 21, 2010
I have a web application that authenticates against AD. On the first login attemt it takes roughly 30 seconds to login. On subsequent requests the login occurs almost immediatly. I've searched all over google and this forums and noticed several people with the problem and everyone seems to have a different solution of which none work for me.
[code]...
View 3 Replies
Jun 15, 2010
I am using asp.net 3.5 and have validateRequest="true" in the machine.config.
Do I need to do something special to stop CSRF and Cross Site scripting or asp.net will handle all these?
View 1 Replies
May 31, 2010
I want to create several websites on my domain, and I am wondering how to go about this in MVC? Should I put them all within one project, and create separate folders in each Views, Models and Controllers folder for each site, or would it be better to create a separate project for each site, although I'm not sure how I would integrate
View 5 Replies
Nov 15, 2010
I have two sites: a site written in vb (site 1), a site written in C # (Site 2).
Site 1 running on a primary domain, eg http://abc.com. site 2 run as sub domain, eg http://site2.abc.com.Now I do not want to run the site 2 as a sub domain 2 again, which would put it in a folder of the site 1, for //abc.com/site2/Default.aspx.So now we have to configure in a site how to run the site 2.
View 2 Replies
Apr 28, 2010
EDIT: At first I thought it wasn't working cross domain at all, now I realize it only works in IE. I'm using jQuery to call a web service (ASP.NET .axmx), and trying to us jsonp so that I can call it across different sites. Right now it is working ONLY in IE, but not in Firefox, Chrome, Safari. Also, in IE, a dialog pops up warning "This page is accessing information that is not under its control..."
$.ajax({
type: "POST",
[URL],
dataType: "jsonp",
success: function(data) {
alert(data.prop1);
},
error: function(XMLHttpRequest, textStatus, errorThrown) {
alert(XMLHttpRequest.status + " " + textStatus + " " + errorThrown);
}
});
And the server code is:
[ScriptService]
public class TestService : System.Web.Services.WebService{
[WebMethod]
[ScriptMethod(ResponseFormat = ResponseFormat.Json)]
public void HelloWorld() {
string jsoncallback = HttpContext.Current.Request["jsonp"];
var response = string.Format("{0}({1});", jsoncallback, @"{'prop1' : '" + DateTime.Now.ToString() + "'}");
HttpContext.Current.Response.Write(response);
}
}
View 2 Replies
May 18, 2010
I need to validate a coming request where form is being submitted from the another domain to my website,
Like
[URL]
Remote site:
[URL]
Now this submit.aspx form get submitted to my website,
how to validate on [URL] that request is coming from [URL] only.
View 2 Replies
Mar 29, 2011
I am trying out jsonp with jQuery. I found many examples on the web and I believe my code is correct, but its still not working for me.
My web service:
using System.Web;
using System.Web.Script.Services;
using System.Web.Services;
using System.Web.Script.Serialization;..........
Firebug shows this is a success, but I am getting null from the alert. I have my webservice in iis7 locally and I am testing through my debug in my client project.
I need to get cross-domain working.
View 2 Replies
Jun 11, 2010
I have a situation where I have to autheticate SharePoint user to another website that is not part of the sharepoint domain without asking user to login again.
I have sharepoint part of domain1. I have users in domain1 that log into sharepoint using NTLM by authenticating to domain1. I don't have any control over this domain and sharepoint configuration. I am working on a ASP.net application which needs to authenticate users from domain1 without prompting users for login if they have already logged into sharepoint server.
I may be able to install a webpart on the Sharepoint if this allows me to do single sign on between sharepoint and my application.
View 1 Replies
May 5, 2010
I´m using mvc futures 2 with WebApiEnabled for XML and JSON support. But due to cross domain issues with jQuery $.ajax I´m lookin in to JSONP. Is there a simple way to extend futures rest function for JSONP or should I do something else.
View 1 Replies
Jan 21, 2010
There are two web applications App1 & App2. A user would submit his information on App1 though a form. On click of a specific button/link on App1, the same data should be posted to a page on App2 and the user should also be redirected to the same page on App2.I would like some help in finding out the best way to implement this functionality.
One of the approaches that I have already tried out is by creating a temporary HTML form at runtime, setting the action attribute of the form to the App2 Page and get the form posted by using javascript submit. The data can then be fetched on App2 page by using the response.form object.This approach works well, but i was still wondering if there is any other way to implement the required functionality.
give some insights on using RESTful webservices to implement this, or else, using some HttpModule to intercept requests at App1 and modify redirect response to app2 or any other approach that you might find fit for the purpose.
Edit: Using querystring isnt an option for me.
View 6 Replies
Feb 7, 2011
How to solve the Cross domain issue using webservices?
View 4 Replies
Sep 1, 2010
This is a followup question to the one here
Here's briefly what I am trying to do. The File server creates a text file to indicate an end of the process. On a webpage on the Web Server, I loop every x seconds and make an ajax request to find out if the test file exists (ajax request to [URL]
I've tried the following approaches so far:
Trigger a web method from the client side that creates a HttpContext object to verify if the text file exists. But this is too strenous on the server and I started getting all kinds of exceptions in the Event Viewer.
View 3 Replies
Mar 15, 2010
I realized that IE8 does not allow links from cross domains to be displayed in IFrame.
It seems like there are only two Header options that Microsoft allows to modify.
X-FRAME-OPTIONS : "DENY" (This does not display any IFrame content )
X-FRAME-OPTIONS : "SAMEORIGIN" (Displays content from the same domain)
Is there a work around to allow content from other domains to be displayed?
View 1 Replies
Nov 15, 2010
UPDATE1:
here is what i am getting when i copy and paste the service url in the IE browser:
[Code]....
View 5 Replies
Feb 17, 2011
Is there any way to get an iframe current URL after it had been changed when the user has clicked a linked inside the iframe. I am talking about cross-domain iframe. If not, is their any web browser control for ASP.net that can give me the URL of that the user is currently browsing?
View 2 Replies
Oct 28, 2010
I have a Single Sign-on solution which is working great in our test environment. It uses Cross-Sub-Domain cookies to share the authentication ticket between 2 web applications. Sign-on is done only on one of the applications and on the second site the user is authenticated by the cookie created by the first site.The problem is that when I roll it into the production environment the single sign-on no longer works. I'm looking for any ideas on why this might be. More details below:1) Both apps are implemented using ASP.NET MVC2
[code]...
View 1 Replies
