I would like to know if the following is possible:
As part of the PageLoad of an ASP.Net page request:
- Use HttpWebRequest (POST) to make a request to a forms authentication webpage of a different web application
- Examine the response to see if the authentication succeeded (identifiable if an authentication cookie has been set)
- If it fails, then finish the ASP.Net page request, which will display a message saying "couldn't auto-login" or some such thing
- If success, then instead of completing the ASP.Net page lifecycle, use "Response.Write" to send the response from the HttpWebRequest back to the browser (thus essentially displaying the webpage from the HttpWebRequest)
If the above is possible, then, is there also a way to transfer the authentication cookie from the HttpWebResponse to the requesting browser? My gut feeling is probably not - but if this is the case, then how do proxy servers handle such things? Is that not essentially what they are doing?
Thanks for any help