Re: Forms Authentication and Active Directory
From: Raterus (raterus_at_spam.org)
Date: 06/04/04
- Previous message: John Saunders: "Re: Child Thread Can't Write To Session In Multithreaded ASP.NET"
- In reply to: - Steve -: "Re: Forms Authentication and Active Directory"
- Next in thread: - Steve -: "Re: Forms Authentication and Active Directory"
- Reply: - Steve -: "Re: Forms Authentication and Active Directory"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 4 Jun 2004 17:13:52 -0400
Save their password in the session right after they log in, it's safe there.
"- Steve -" <sevans@foundation.sdsu.edu> wrote in message news:OlO%23iWnSEHA.2408@tk2msftngp13.phx.gbl...
> Well I can get there username with HttpContexct.Current.User.Identity.Name,
> but how can I get their password? Remember I'm using forms based
> authentication against my AD. If I can read their password somehow in plain
> text then I'm home free. I had it in plain text back at the logon.aspx
> page, but is there a safe way to send that over to another page or store it
> somewhere that I can retrieve?
>
> --
>
> Steve Evans
> Email Services
> SDSU Foundation
> (619) 594-0708
>
>
> "Raterus" <raterus@spam.org> wrote in message
> news:%23vaP9omSEHA.2408@tk2msftngp13.phx.gbl...
> I think you are looking at the wrong example, you're looking at code for IIS
> authenticated users, not Forms Authenticated users. You'd essentially be
> impersonating the already impersonated user! That line of code you
> mentioned is equilavent to <identity impersonate="true"> in web.config, and
> yes User.Identity is HttpContext.Current.User.Identity.
>
> But none of that really matters for Forms Authentication. For you, you need
> to scroll down to the little bit more messy code, "Impersonate a Specific
> User in Code". You'll have the username/password they used to log onto your
> website, so just plug it in and have at it.
>
> --Michael
>
> "- Steve -" <sevans@foundation.sdsu.edu> wrote in message
> news:eZ1chelSEHA.1472@TK2MSFTNGP09.phx.gbl...
> > That appears to be what I want to do.
> >
> > I'm implementing the "Impersonate the Authenticating User in Code" and I
> > have one small problem.
> >
> > The second line of code is (this is in C#)
> > impersonationContext =
> > ((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate();
> >
> > What the heck is User.Identity? I can't find the type or namespace? Is
> > this simply the username that is logged in. Should I be using
> > HttpContext.Current.User.Identity.Name
> >
> >
> > --
> >
> > Steve Evans
> > Email Services
> > SDSU Foundation
> > (619) 594-0708
> >
> >
> > "Raterus" <raterus@spam.org> wrote in message
> > news:uCRma8kSEHA.3332@tk2msftngp13.phx.gbl...
> > Here is how you will need to do it, scroll down to "Impersonate a Specific
> > User in Code"
> >
> > http://support.microsoft.com/default.aspx?scid=kb;en-us;306158
> > --Michael
> >
> > "- Steve -" <sevans@foundation.sdsu.edu> wrote in message
> > news:OBC3A4kSEHA.3580@TK2MSFTNGP09.phx.gbl...
> > > I have forms based authentication working, using my Active Directory for
> > > authentication.
> > >
> > > I have a web page that creates a user in active directory. When I was
> > using
> > > IIS authentication it worked fine, now it doesn't. I'm assuming it's
> > > running in the context of the IIS anonymous user. How can I get it to
> run
> > > as the user that logged in with the forms based authentication?
> > >
> > > --
> > >
> > > Steve Evans
> > > Email Services
> > > SDSU Foundation
> > > (619) 594-0708
> > >
> > >
> > >
> >
> >
>
>
- Previous message: John Saunders: "Re: Child Thread Can't Write To Session In Multithreaded ASP.NET"
- In reply to: - Steve -: "Re: Forms Authentication and Active Directory"
- Next in thread: - Steve -: "Re: Forms Authentication and Active Directory"
- Reply: - Steve -: "Re: Forms Authentication and Active Directory"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
