Normally, "manual" authentication means that the user fill in some Web form and hit the "Submit" button. It sends HTTP request (usually with the method "POST"); and the user becomes authenticated.
You can do all the same programmatically using the class
System.Net.HttpWebRequest:
http://msdn.microsoft.com/en-us/library/system.net.webrequest.aspx[
^],
http://msdn.microsoft.com/en-us/library/system.net.httpwebrequest.aspx[
^].
This is how credential information is set; please see the code sample:
http://msdn.microsoft.com/en-us/library/system.net.httpwebrequest.credentials.aspx[
^].
Now, my concern would be a potential security leak. If the sites are unrelated (I would guess that you don't have access to the site requiring authentication and work only at the "client" site), it means that you may be tempted to store a password in your "client" site. In a normal security schema, a password is never stored anywhere. It is absolutely not needed for authentication. Usually, its
cryptographic hash function is stored and it makes it
infeasible to obtain an original password, for a person who has full access to the storage. This is explained in these past answers:
storing password value int sql server with secure way[
^],
Decryption of Encrypted Password[
^],
i already encrypt my password but when i log in it gives me an error. how can decrypte it[
^],
TCP Connection with username and password[
^].
So, ideally, you would need to calculate the hashed password on the client side and post it, but it requires thorough research on how authentication request is sent on the authentication page of your "server" site.
—SA
Submit an article or tip