Somewhere I read about authenticating against a file token on the user's
hard drive - but I can't find the book I read it in anymore. If you
know what I'm talking about please let me know.
Here's what I remember. Evidently there's a standard filename that can
be created in a local directory and you can right click it and set
properties to it. Once this file is created on a user's computer you
can send a request from ASP or VBscript to check it and use it for an
Intranet authentication.
I was using TCP/IP restriction for security combined with
username/password but our network guys want to give up on static IPs.
So I'm looking for another token on the local computer I can check on
and validate along with username/password. I'm open for suggestions.
Jim Harris
Memphis, TN
4  3006 
If it's on an intranet, you can set the security to Windows Authentication
(assuming Windows 2000) then using Request.ServerV ariables("LOGON _USER") you
will "know" who the user is.
"Jim Harris" <jh*****@memphi s.edu> wrote in message
news:ek******** ******@TK2MSFTN GP09.phx.gbl... Somewhere I read about authenticating against a file token on the user's
hard drive - but I can't find the book I read it in anymore. If you
know what I'm talking about please let me know.
Here's what I remember. Evidently there's a standard filename that can
be created in a local directory and you can right click it and set
properties to it. Once this file is created on a user's computer you
can send a request from ASP or VBscript to check it and use it for an
Intranet authentication.
I was using TCP/IP restriction for security combined with
username/password but our network guys want to give up on static IPs.
So I'm looking for another token on the local computer I can check on
and validate along with username/password. I'm open for suggestions.
Jim Harris
Memphis, TN
I might can make use of that idea, especially for tracking users. Thanks.
My idea was to quietly put a hidden file on each user's computer and
then on the login page check for that file and if it wasn't there just
send a warning message. If it was there, I'd let them log in. And then
on all other pages check for session("authen ticated") and redirect to
login.asp if not. I figured combined with Verisign that would be good
enough security.
The thing is I swear I saw an article about this but using a file that
Microsoft has set up for this purpose. Can't find it. My memory is
getting so bad I should log what I read.
Jim Harris
TomB wrote: If it's on an intranet, you can set the security to Windows Authentication
(assuming Windows 2000) then using Request.ServerV ariables("LOGON _USER") you
will "know" who the user is.
"Jim Harris" <jh*****@memphi s.edu> wrote in message
news:ek******** ******@TK2MSFTN GP09.phx.gbl...
Somewhere I read about authenticating against a file token on the user's
hard drive - but I can't find the book I read it in anymore. If you
know what I'm talking about please let me know.
Here's what I remember. Evidently there's a standard filename that can
be created in a local directory and you can right click it and set
properties to it. Once this file is created on a user's computer you
can send a request from ASP or VBscript to check it and use it for an
Intranet authentication.
I was using TCP/IP restriction for security combined with
username/password but our network guys want to give up on static IPs.
So I'm looking for another token on the local computer I can check on
and validate along with username/password. I'm open for suggestions.
Jim Harris
Memphis, TN
I have tried this concept, it is very easy to implement and it works most of
the time,. There are times however when this server variable only returns
null. Something periodically happens on our server and this type of
authentication fails until the server is rebooted. I don't know what the
problem is that causes this and neither do our administrators. Any ideas
what might cause this?
LJB
"TomB" <sh*****@hotmai lXXX.com> wrote in message
news:eH******** ******@tk2msftn gp13.phx.gbl... If it's on an intranet, you can set the security to Windows Authentication
(assuming Windows 2000) then using Request.ServerV ariables("LOGON _USER")
you will "know" who the user is.
We've been using it for about two and a half years, without any indication
of it not working.
"ljb" <.> wrote in message news:ef******** ******@TK2MSFTN GP10.phx.gbl... I have tried this concept, it is very easy to implement and it works most
of the time,. There are times however when this server variable only returns
null. Something periodically happens on our server and this type of
authentication fails until the server is rebooted. I don't know what the
problem is that causes this and neither do our administrators. Any ideas
what might cause this?
LJB
"TomB" <sh*****@hotmai lXXX.com> wrote in message
news:eH******** ******@tk2msftn gp13.phx.gbl... If it's on an intranet, you can set the security to Windows
Authentication (assuming Windows 2000) then using Request.ServerV ariables("LOGON _USER")
you will "know" who the user is.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Erez Shor |
last post by:
Hi,
I need to build and asp page which access a remote windows server's
registry and create a registry key.
In order for the ASP page to be able to access the registry on the
remote server I need it to run using credentials supplied by the user.
When using basic authentication this is not an issue since the user
has to provide a user name...
|
by: Stuart Shay |
last post by:
Hello All:
I am using Windows Authentication in my VB/ASP.NET Intranet Web Application.
How do I create a method that will release the authentication Token, so the
user will no longer have access to any of the resources on the site?
|
by: pjdouillard |
last post by:
Hello all,
Here is the context of my problem:
We have an ASP.NET 1.1 application that has its own application pool
setup and that runs under the identity of a NT Domain service account
(this is for security reason when accessing databases). We use the
Integrated Windows authentication to authenticate users, and we have
setup the...
|
by: andrew_webby at hotmail |
last post by:
Hi
Am having a problem with an app I wrote to test patch delivery. I
contact a remote PC, and get it to run a patch which is installed on a
server. It works fine if I use psexec for example and I know it's not
NTFS/share-level security at fault - it's readable to everyone which
is usually enough for scheduler or any other...
|
by: Buddy Ackerman |
last post by:
My app is a .NET forms app that runs in the taskbar and periodically polls a web service. I have a client that wants
the app to integrate with their Active Directory. They do not want the user to have to provide the username and
password to login to the application/web service. I need to be able to send the users authenticated security token...
| | |
by: Spam Catcher |
last post by:
Hi all,
I'm looking to implement a single sign on solution for .NET applications.
This single sign on solution will need to work against a variety of back-
end databases (i.e. SQL (mainly), Active Directory (some), Custom Data
Sources (XML, MDB, Custom Web Service, etc).
Is there any sample code on implementing a simple single sign on...
|
by: troywalker |
last post by:
I am new to LDAP and Directory Services, and I have a project that
requires me to authenticate users against a Sun Java System Directory
Server in order to access the application. I have found dozens of
examples of how to authenticate users against Active Directory, but AD
seems to be a different animal than Sun Java System Directory Server....
|
by: webrod |
last post by:
Dear All,
let's say I have a web service.
I would like to authenticate users who try to access it.
I am on a winnt server so I will have to use NTLM but I don't want to
use IIS settings.
Is there a way to authenticate a user using WSE 3.0 against NTLM??
All the samples I have found on the web provide a solution based on
|
by: DK |
last post by:
I have an intranet application I've built using asp.net 3.5 / running on
IIS6
I want to use BUILTIN groups on the server that contain domain users. So I
set up my web.config like so for example:
<authorization>
<allow roles="BUILTIN\Intranet_Admin"/>
<!--<allow roles="GNB\archivesemp"/works-->
<!--<allow users="GNB\dking"/works-->
<deny...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language...
| | |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it. ...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...
| |
