tags:

views:

29

answers:

1
Q: 

How to control access to third party HTML pages

Hello,

We have a Learning Management System (LMS) that runs on its own server (IIS/Server 2003). Students must login with Forms authentication to gain access to the content. We want to offer access to third party flash and audio that is embedded in HTML pages hosted on the third party server (IIS/Server 2003). Currently we use a frame in a pop-up window that is populated via a simple URL to the third party HTML pages.

How can the third party control access to their content, so that only students who launch the pop-up windows from our site can access their content? Since the content is mostly video and flash, we would prefer not to stream all of their content through our server to the Student.

We have a programming staff, so we could maybe...
- either post or get for our HTTP request to the third party server
- we could use SSL
- we could programmatically assign a global NT user account to all of our users and then do some kind of Active Directory login from the LMS server to the third party server
- could the third party content be hosted at Amazon S3? Would this allow for secure access/download?

These are just ideas. We really have no idea. Any suggestions would be greatly appreciated.

TIA, Wylie

A: 

Off the cuff, the active directory approach might work, but the networking behind that might be messy since the 3rd party server isn't inside your LAN.

You could probably authenticate against the 3rd party server by posting the login credentials from the user to that server (it would have to come from the client side, but you could automate it to happen after they log into your server or when they launch the course) and getting a second session set up on that server. Then the session can be managed by cookies and when they link into the server they're already authenticated on that server. If you're using asp.net, a lot of the details should be automated at that point...

That's just off the top of my head though. I haven't tried either.

Kendrick  2009-11-16 19:48:00

related questions

Direct3D over Remote Desktop
Looking for software to remotely control iTunes from PC
java.net versus java.nio
mysql import sql via cli from remote server
How can I automate running commands remotely over SSH?
Is an SSH tunnel through Citrix Client possible?
Best way to run remote commands on a Windows server from Java?
How do I make git-svn use a particular svn branch as the remote repository?
Check out from a remote SVN repository TO a remote location?
Remote print module in Java
How do I put a File (Excel) online (Apache Server) with Password Protection but with the Option for Users to alter the File and save the changes?
How do I setup remote debugging from scratch for an Asp.Net app
How do you remotely update Java applications?
Free (affordable) remote web based administration for Windows/IIS?
What is the best way to connect remotely to a mac
Agile development in a distributed team
debug an embedded system containing gdb remotely using some kind of gui.
Remote Linux server to remote linux server dir copy. How?
continuous integration web service
Remote debugging an NT application from XP with Visual Studio 6.0
Can you pair program remotely?
Remote debugging accross domains
How can I prevent a server from becoming locked after a Remote Desktop session
Geographically Distributed Development
How do I access a remote form in php?