Hi,

We have a few web applications that were written using ASP.NET and C# (yuck). I would like to be able to place these on my dashboards and have the ASP application use the managed reporting credentials. In other words, if you run the ASP app from the dashboard after already logging into managed reporting, no problem. If you try to run the ASP app stand-alone, I want the ASP application to bomb out and tell the user he needs to be in managed reporting first. Has anyone had any experience with this kind of thing? I'm a novice at ASP, so please don't use any big words. Thanks!

This message has been edited. Last edited by: Kerry,

How secure do you want it? IOWs, does the .Net application require full userid/password authentication, or is it an unsecured application?

Hi Dan,

Right now the ASP applications use the windows credentials, but we would like to have it so that they could use the webfocus credentials instead. The apps are secure in that you have to be in a certain windows group to be able to use them. I would like to change that to use the managed reporting security (the user id and password that they use to log into the dashboard).

Sorry Mike, I forgot that I responded to this one.

This can get very tricky very quickly. Since your ASP apps use AD groups, you probably do not want to mess with that. If you want to create the illusion that they have to authenticate through MRE, then this is what you could do:

- Change ASP apps to allow SSO, therefore the user's would not be prompted for user/pass and they would be allowed in so long as they have been granted access to that application.
- In WF, when a request is made to the ASP applications, write a record to a centrally located database with the user id, their WF user id, and the current time stamp before the request is forwarded to the ASP app.
- In the ASP apps, change them to query the central database for the WF user id and time stamp based on their AD id.
- If the user does not exist yet, or the latest time stamp is > 3 seconds old, then kick them out.

It is kind of a rip-off of a poor man multi-factor authentication, but it would get the job done without breaking a sweat.

There are other methods I can think of, but they would require a lot more work.

Thanks for the tip, Dan!