Hello,

We have a Learning Management System (LMS) that runs on its own server (IIS/Server 2003). Students must login with Forms authentication to gain access to the content. We want to offer access to third party flash and audio that is embedded in HTML pages hosted on the third party server (IIS/Server 2003). Currently we use a frame in a pop-up window that is populated via a simple URL to the third party HTML pages.

How can the third party control access to their content, so that only students who launch the pop-up windows from our site can access their content? Since the content is mostly video and flash, we would prefer not to stream all of their content through our server to the Student.

We have a programming staff, so we could maybe...
- either post or get for our HTTP request to the third party server
- we could use SSL
- we could programmatically assign a global NT user account to all of our users and then do some kind of Active Directory login from the LMS server to the third party server
- could the third party content be hosted at Amazon S3? Would this allow for secure access/download?

These are just ideas. We really have no idea. Any suggestions would be greatly appreciated.

TIA, Wylie