Re: Custom Authentication ISAPI Filter on CE 3.0

From: John Spaith [MS] (jspaith_at_ONLINE.microsoft.com)
Date: 12/15/04


Date: Wed, 15 Dec 2004 08:39:21 -0800

Is there a reason you guys need to be using custom auth at all? The CE Web
Server supports built-in authentication and CE has a database that lets you
create user names and passwords specific for the device to auth against.
You can also have CE talk to a domain controller to validate users on a domain.

http://blogs.msdn.com/cenet/archive/2004/09/21/232604.aspx has a high-level
overview of this.

-- 
John Spaith
Software Design Engineer, Windows CE
Microsoft Corporation
Check out the new CE Networking Team Blog at http://blogs.msdn.com/cenet/.
This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use. © 2003 Microsoft Corporation. All rights 
reserved.

"shiva" <shiva@discussions.microsoft.com> wrote in message
news:5713A4CC-7105-4301-A8D9-CB4E5BC1DC0A@microsoft.com...
>
> Hi Tony,
>  You are doing great work... I want to know something about ISAPI extensions
> and filters. How to achieve user authentication with ISAPI extensions? I'm
> a bit confused about what these are and how this is useful to me for my user
> authentication through the web server. Generally, we'll write ASP pages for
> authentication; are this ASP page implementation and the ISAPI extension DLL
> implementation different or the same?
> If you have any sample code for implementing this, please send it to me.
>
> thanks,
> shiva
>
> "tcaminus-ola@yahoo.com" wrote:
>
>> This is a rather bizarre problem (in my opinion) and will take a bit of
>> explaining, so please bear with me...
>>
>>
>> I have implemented an ISAPI filter that performs custom authentication
>> by handling the SF_NOTIFY_AUTHENTICATION event. All works well as far
>> as authentication goes. The problem comes in when trying to get the
>> current authenticated user name in an ISAPI Extension (NOT the filter),
>> using GetServerVariable to return AUTH_USER. All the pages on the site
>> are written as ISAPI extensions, and in several cases I need to know
>> the security level of the logged in user, as different options will be
>> rendered based on their security level. The first time a page is
>> accessed, it works fine. But, if the user presses Refresh on the
>> browser, GetServerVariable returns an empty value for AUTH_USER. I
>> should also point out that this problem only manifests itself when the
>> web page includes at least one other resource, such as an image or .css
>> file.
>>
>> I have monitored the communication with a network analyzer, and have
>> put trace statements in my auth filter so I can see what events are
>> being called. I can see what is happening, I just don't know why. On
>> the initial page request, the authentication event is called for both
>> the ISAPI dll, and the header image (just a normal .gif that is
>> displayed at the top of the page). The sniffer shows this as two
>> separate TCP sessions. So far, so good... But when I refresh the page,
>> I lose the authenticated user (at least, when trying to access it via
>> the AUTH_USER server variable). The authentication event is ONLY called
>> for the image, and not the ISAPI dll. At this point, I cannot determine
>> who the authenticated user is. Again looking at the network capture, I
>> see a difference. This time, BOTH the ISAPI dll and image GET requests
>> are within the same TCP session. By the way, the "Authorization:
>> Basic..." information IS in the header of BOTH GET requests, but the
>> GET of the image occurs first, and that is the only resource for which
>> the authentication notification is triggered. It seems that if the
>> filter doesn't get called for the ISAPI dll (the actual "page"), I'm
>> not able to determine the user name, as the AUTH_USER server variable
>> is empty in this case. (I have also tried REMOTE_USER, but with the
>> same results).
>>
>> Please note that my web application is running on the Windows CE 3.0
>> web server, which implements a subset of the HTTP/1.0 protocol, and has
>> a limited API. I am NOT using the Basic Authentication feature in the
>> web server, as the users logging in are not "Windows users". I'm trying
>> to manage everything through the custom authentication filter. I hope
>> someone can help as this problem has been driving me crazy for nearly
>> two weeks.
>>
>> Thanks,
>>
>> Tony
>>
>> 
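
The question above notes that the "Authorization: Basic..." header is present on both GET requests. As an added illustration (not part of the original thread and not Microsoft's code), this portable C sketch decodes that header value and fails closed on malformed input. The name `parse_basic_auth` and the sample header value are constructed, and how an extension would obtain the header on the CE 3.0 web server is not shown.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Map one base64 character to its 6-bit value, or -1 if it is not one. */
static int b64val(int c) {
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    return c == '+' ? 62 : c == '/' ? 63 : -1;
}

/* Split the value of an Authorization header ("Basic <base64(user:pass)>")
 * into NUL-terminated user and pass. Returns 0 on success, -1 on malformed
 * or oversized input. Simplification: only the exact spelling "Basic " is
 * accepted. The result is a claim, not an identity: the caller must still
 * check the password against the device's own user store on every request. */
int parse_basic_auth(const char *hdr, char *user, size_t ulen,
                     char *pass, size_t plen) {
    char buf[128], *colon;
    size_t i, n = 0, len, pad = 0;
    unsigned acc = 0;
    int bits = 0, v;

    if (!hdr || strncmp(hdr, "Basic ", 6) != 0) return -1;
    hdr += 6;
    len = strlen(hdr);
    if (len == 0 || len % 4 != 0) return -1;
    while (pad < 2 && hdr[len - 1] == '=') { len--; pad++; }
    for (i = 0; i < len; i++) {
        if ((v = b64val((unsigned char)hdr[i])) < 0) return -1;
        acc = (acc << 6) | (unsigned)v;
        if ((bits += 6) >= 8) {
            bits -= 8;
            if (n + 1 >= sizeof buf) return -1;   /* decoded value too long */
            buf[n++] = (char)((acc >> bits) & 0xFF);
        }
    }
    buf[n] = '\0';
    /* Reject embedded NUL bytes and values without a user/password separator. */
    if (strlen(buf) != n || !(colon = strchr(buf, ':'))) return -1;
    *colon++ = '\0';                      /* the password itself may contain ':' */
    if (buf[0] == '\0' || strlen(buf) >= ulen || strlen(colon) >= plen) return -1;
    strcpy(user, buf);
    strcpy(pass, colon);
    return 0;
}

int main(void) {
    char u[32], p[32];                    /* constructed sample header value */
    if (parse_basic_auth("Basic dXNlcjpwYXNz", u, sizeof u, p, sizeof p)) return 1;
    printf("user=%s\n", u);
    return 0;
}
```

Because the credentials travel in every request, a check made per request does not depend on which request of a shared TCP session triggered the filter's authentication notification.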

