I'm running in an intranet, with IIS set up for integrated authentication, so I'm using the auth_user server variable for the login and domain information. We've got a db that contains basically a dump of our Active Directory data, so we're pulling the user information from that instead of directly pulling from AD. As a result of that, I've got a class that I use for the database checks, and I've set up our external authentication as a separate project. I've got it working for doing the match ups & I think I'm building the cookie correctly, but when I do the returnURL, ontime displays the login screen again.

Does the external authentication page need to be in the ontime portal directory for it to work correctly? I've got my own settings for web.config, and I don't want to worry about stomping on ontime's code.

I used both the example in the admin guide as well as the active directory example posted a few weeks ago, and the return url isn't set to anything in the book example, but it's set to default.aspx for the 2nd one. I'm thinking that with the authentication code being a separate project, I need to set it to the ontimeportal directory, default.aspx. Does that sound right?

If I've already built the cookie before it goes to the default page - as in pulling up the external authentication project in the browser first, then the login page shouldn't come up, right?  Does this part only work if I embed the portal in another page as an Iframe?

Brenda