---
gc deep wrote:
>
> I have two applications one having web application security(Cold Fusion) with User Login Details etc and other(ASP) having Basic Authentication turned ON. Both applications are on different web servers.
>
> I would like to provide a link on Cold Fusion Application, with Basic Authentication credentials embedded with link, so that if a user clicks on the link he doesn't get the Basic Authentication box to access ASP application
Can't be done. IE was so broken MS had to disable the option to
embed passwords in the URL alltogether to make it look a little
bit more secure.
On the other hand, Digest Authentication has provisions
specificaly for this. See RFC 2617.
Jochem
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
