One solution is to inform the ASP application that the client has
logged in. You can do this by sending the ASP app a secure token after
the client is logged in (by security token I mean for example a string
encrypted with a password that is known to both applications). On the
ASP side you can decrypt the string (that can contain the user ID or
email) and log in the user automatically.
I see what you are saying - however I don't have the source files at this time for the ASP.NET application so I don't have the ability to recompile the application.
The ASP.NET application is using the ASP.NET Login control set.
The scenario is this:
- The CF application uses the standard web form for username and password.
- User logs into the CF application
- User navigates around application
- User reaches a page that needs to ALSO present (in lne) information from the ASP.NET application
- ASP.NET application requires a log in before navigation within the application
This is the point at which I want to, behind the scenes, pass the username and password to the ASP.NET application so within the iframe the user is not seeing the Log In page of the ASP.NET application.
I have tried using cfhttp with little success at this point trying to get past the ASP.NET login screen.
This works if the CF and ASP applications are on the same domain (for
example site.com): you cfhttp the username and password to the asp
application, get the cookies from the response and then set those
cookies on the site.com domain (so the browser will send the cookies
next time he connects to your site). This will not work if the ASP
application associates a cookie with an IP (because the login request
will be made from your CF server address or localhost and the client
will send the cookies from a different IP).