Wednesday, May 13, 2009

Form Based Authentication and Client integration

For most of the extranet facing website, Form based authentication is most suitable form of authenticating users. But in past one big dis-advantage to use Form Based Authentication was to loose client integration features. Users cant open documents in native applications ( like Word ) and so they need to download a document edit it and upload it , which is very painful.

Some good news:
There were some workaround done in CKS ( Codeplex project ) to deal with this situation, but again they were limited to Windows XP only.

Today while reading my feed , I got some more good news on the same topic. There are some changes done the way Form Authentication was handled for client integration.

These changes allow Office applications to display whatever forms login page is being used for the site in a pop up dialog box. The Office application renders the HTML from that login page and allows the user to enter credentials. The credentials are sent back to the server and if the server returns a redirect response for the document that was originally requested, the Office application assumes that the identity has been successfully established. It is then able to use the authorization cookie it was given to retrieve the document and any associated metadata, and open the item up.

Requirement for Client machine:
-- XP machines need to be have patched and require some Registry change
-- Vista machine will require
-- IE 7.0 or higher