Re: form-based authentication for Web Proxy clients for ISA 2004
From: tin (tin_at_no-reply.org)
Date: 10/06/04
- Next message: Doyle: "Access Denied - When Installing ISA in SBS 2000"
- Previous message: Stephan Kaufmann: "Block wmv and wma files"
- In reply to: Robert Lacroix: "Re: form-based authentication for Web Proxy clients for ISA 2004"
- Next in thread: Michael J. Carter: "Re: form-based authentication for Web Proxy clients for ISA 2004"
- Reply: Michael J. Carter: "Re: form-based authentication for Web Proxy clients for ISA 2004"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 6 Oct 2004 11:15:04 -0700
Michael, I would be very interested in what you can come up with. Since you
said form-based is not possible, i'm sure you can write add-ins to redirect
users to a page hosted on a dedicated site to give them more info on the
network usage policies right? I don't mind stuck with the "Basic
Authentication" method in ISA, just that i wanted to be able to remind that
what's exceptable (and maybe put up some ads).
"Robert Lacroix" <me@robertlacroix.com> wrote in message
news:eDoYim8qEHA.3416@TK2MSFTNGP15.phx.gbl...
> yep that would be nice :)
>
> "Michael J. Carter" <michael@volcanictech.com> wrote in message
> news:%23JNXmH8qEHA.2008@TK2MSFTNGP12.phx.gbl...
> > That sounds like an interesting project. I just finished writing an ISA
> > filter to support HTTP Compression for published servers. It would be
kind
> > of fun to work on something like this.
> >
> > Here are a some thoughts:
> > The solution couldn't rely on any browser authentication methods, such
as
> > Basic Authentication or Cookies, because these are only sent to the
> > destination site and not used globally (i.e., you can't expect the
browser
> > to send the authenticaton information on every request)
> >
> > I think you'll need to base this on IP/User (SecureNAT/Firewall Client).
> >
> > A possible solution.
> > 1) Client tries to access web site
> > 2) ISA looks in cache for this Client*
> > 3) Client not found in cache, redirects to Login
> > 4) Client authenticates
> > 5) ISA caches this client with 5-minute (configurable) timeout.
> > 6) ISA redirect to target URL
> > 7) Subsequent client request
> > 8) Look up client* in cache
> > 9) Client found in cache and timeout not expired, update timeout for
> > another 5 minutes, allow request
> > 10) Timeout expired, redirect to Login
> >
> > * Client = IP (SecureNAT) or User (Firewall Client)
> >
> > Anyway, that's just my first stab at this.
> >
> > Michael
> >
> > "Tin" <Tin@discussions.microsoft.com> wrote in message
> > news:533D4305-191E-4BFE-A017-FBE89F0DAAD0@microsoft.com...
> >>I was wondering if this is possible and if so, where can i get more
> >>details.
> >> To clarify my point, here's my situation. I need to setup a page where
> >> web
> >> proxy clients redirected to for authentication before they can freely
> >> surf
> >> the web. Like how StarBucks and Hotels uses to authenticate people
before
> >> they can go online.
> >>
> >> please add my email to your response if possible - mdtcao@hotmail.com
> >>
> >> thanks,
> >> tin
> >
> >
>
>
- Next message: Doyle: "Access Denied - When Installing ISA in SBS 2000"
- Previous message: Stephan Kaufmann: "Block wmv and wma files"
- In reply to: Robert Lacroix: "Re: form-based authentication for Web Proxy clients for ISA 2004"
- Next in thread: Michael J. Carter: "Re: form-based authentication for Web Proxy clients for ISA 2004"
- Reply: Michael J. Carter: "Re: form-based authentication for Web Proxy clients for ISA 2004"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
