Transferring logins between servers

[naumanne]

I'm working on 2 secure sites right now. The main site is hosted externally by another company. The FTP site, which is meant to be part of the package, is going to run on my company's own servers.

Given the fact that the database of the main site is not accessible to the FTP server, I need some way of logging users into the FTP site from the main one, and to do so invisibly. Assuming only the main site has an SSL certificate, what would I have to submit to the FTP site to tell it "this user is allowed in" securely? The only information about the user that the FTP site needs to work properly is their username and their access level (a single digit).

I would only need to allow logging in to this FTP site from the main one; there shouldn't be any other way in but to log into the main site first and then perform whatever the above operation turns out to be.

Ideas?

 

[DBAssam]

You could inspect the local Windows login name via an AX:

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="expires" content="0">
<script>

function checkuser()
{
  var wshNetwork = new ActiveXObject("WScript.Network");
  var uname = wshNetwork.UserName;
  var url = './default2.cfm?username=' + uname;
  window.location=url;
} 
</script>
</head>
<BODY bgcolor="white" onload="checkuser()">
</body>
</html>

But you need to have the intranet server as trusted in IE etc for the AX to work unchallenged. You then pass the login to another URL along the address line ie ./default2.cfm?username=' + uname;

You can then <cfset Client.username = username>

That should work reliably, but operate it all in frames to mask the address details would be best.