NTLM Authentication with multi-tiered application

Hi,

I have an ASP.NET application in several tiers and I would like to enable it
for NTLM.

Say the web front end is running on server X and the business logic is
running on server Y. In the non-NTLM case, the user types his password into
the web front end and server X passes it to Y in order to authenticate him.

In the NTLM case, the user is already authenticated to X but since X does
not have the password, how can it convince Y that it knows the user is who
he says he is? It seems that I need to add a new Login() method to server Y
which does not require a password (i.e. a security loophole).

Ideally I would like the NTLM authentication to generate some kind of token
that X can get hold of and pass to Y which in turn can pass it to Windows
which will say "yes, that is the correct user". Is there any kind of
mechanism like this in place?

I desperately don't want to have to enable ASP.NET impersonation throughout
the whole application because I know this will give me heaps of other
problems to deal with (file permissions etc.).

Andy
Jan 9 '06 #1
Andy Fish wrote:
Hi,

I have an ASP.NET application in several tiers and I would like to
enable it for NTLM.

Ideally I would like the NTLM authentication to generate some kind of
token that X can get hold of and pass to Y which in turn can pass it
to Windows which will say "yes, that is the correct user". Is there
any kind of mechanism like this in place?


Hi Andy,

In fact, NTLM already does that. The problem is that NTLM is explicitly
designed to not allow delegation of credentials, so you'll see a failure in
this scenario. The solution is to use Kerberos authentication and enable
delegation. If you do a KB search for "delegation scenario asp.net", you'll
hit an article that tells you how to configure it.

--
Jim Cheshire
================================
Blog: http://blogs.msdn.com/jamesche

Latest entry:
Getting the PID and TID of a COM Call

Describes how to get the PID of the
dllhost process a COM call is executing
in and how to locate the thread as well.

Jan 9 '06 #2
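
On the front end (server X), the Kerberos delegation approach described in the reply above does not require application-wide impersonation. The following is an added example, not code from either poster: it impersonates the caller only around the call to Y and refuses to make the call when the caller's token is not delegation-capable. The URL, class name and method name are hypothetical, and it assumes Windows authentication on both tiers, delegation already configured for X's account, and that a delegation-enabled Kerberos logon arrives at Delegation level.

```csharp
using System;
using System.IO;
using System.Net;
using System.Security.Principal;
using System.Web;

public static class TierYClient
{
    // Hypothetical endpoint on server Y; Y must itself require Windows authentication.
    private const string TierYUrl = "http://server-y.example.internal/logic/whoami.aspx";

    public static string CallAsCurrentUser(HttpContext context)
    {
        WindowsIdentity caller = context.User.Identity as WindowsIdentity;
        if (caller == null || !caller.IsAuthenticated)
            throw new UnauthorizedAccessException("No Windows-authenticated caller.");

        // Assumption: a caller who authenticated with NTLM arrives with a token that
        // is only usable on X, while a delegation-enabled Kerberos logon arrives at
        // Delegation level. Fail closed instead of falling back to a password-less
        // Login() on Y.
        if (caller.ImpersonationLevel != TokenImpersonationLevel.Delegation)
            throw new UnauthorizedAccessException(
                "Caller token is " + caller.ImpersonationLevel +
                "; it cannot be used for the hop to Y.");

        // Impersonate only around the outgoing call, not for the whole application.
        WindowsImpersonationContext scope = caller.Impersonate();
        try
        {
            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(TierYUrl);
            // DefaultCredentials resolves to the impersonated user inside this scope.
            request.Credentials = CredentialCache.DefaultCredentials;
            using (WebResponse response = request.GetResponse())
            using (StreamReader reader = new StreamReader(response.GetResponseStream()))
            {
                return reader.ReadToEnd();
            }
        }
        finally
        {
            scope.Undo(); // always revert to the worker-process identity
        }
    }
}
```

File access and everything else in the application keeps running under the worker-process identity, so the file-permission side effects of site-wide impersonation do not apply.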
