Re: Intranet and Integrated Windows Authentication
From: clintonG (csgallagher_at_REMOVETHISTEXT@metromilwaukee.com)
Date: 06/22/04
- Next message: Thomas Scheiderich: "Re: date formatting"
- Previous message: Mike: "double click on datagrid"
- In reply to: Andrew: "Intranet and Integrated Windows Authentication"
- Next in thread: Raterus: "Re: Intranet and Integrated Windows Authentication"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 22 Jun 2004 13:17:34 -0500
My recommendation will not make the managers happy but the smartest
thing to do may be obtaining Visual Studio 2005 and start learning
ASP.NET 2.0 neither of which will be released into production for some
time but the next release of the framework is going to provide role based
membership and master pages, both of which is going to allow developers
to implement you expressed objective right out of the box so to speak.
--
<%= Clinton Gallagher
A/E/C Consulting, Web Design, e-Commerce Software Development
Wauwatosa, Milwaukee County, Wisconsin USA
NET csgallagher@ REMOVETHISTEXT metromilwaukee.com
URL http://www.metromilwaukee.com/clintongallagher/
"Andrew" <AndrewR2k1@hotmail.com> wrote in message
news:OJ$2x9HWEHA.2844@TK2MSFTNGP09.phx.gbl...
> Hey all,
>
>
>
> I would like to preface my question by stating I am still learning ASP.net
> and while I am confident in the basics and foundation, the more advanced
> stuff is still a challenge. Ok. :)
>
>
>
> We are looking at redoing our entire Intranet, starting over from scratch,
> as a .Net website. Our current site has two separate sides, a public side
> for all viewers, and a secure side for those granted permission can access
> apps to update web info, databases, etc. In moving to .Net we would like to
> use Integrated Windows Authentication with our pages. We will be putting
> the Intranet server under a Domain Controller where the users and user info
> will be pulled from.
>
>
>
> We would like to have the pages similar to what you would see on eBay, or
> Amazon, or any number of Blog sites. That is, you can surf and view and
> bounce around all the pages, but unless you log in you cannot view your
> personal information. However, if you do log in, the public pages take on
> new buttons or links because those pages know who you are. In essence, the
> public side and secure side merge into one, and page items turn on or off
> depending on your logged in status.
>
>
>
> I have Google'd on "integrated windows authentication" and, of course, have
> found numerous websites. It is almost overwhelming. I found a few good
> articles here:
>
>
>
> Active Directory Authentication from ASP .NET
>
>
http://msdn.microsoft.com/library/en-us/sds/sds/active_directory_authentication_from_asp__net.asp
>
>
>
> Securing an ASP.Net application...
>
> http://www.dotnetjohn.com/articles.aspx?articleid=19
>
>
>
> HOW TO: Authenticate against the Active Directory by Using Forms
> Authentication and Visual Basic .NET
>
> http://support.microsoft.com/default.aspx?scid=kb;en-us;326340
>
>
>
> Developing Secure Web Sites with ASP.NET and IIS
>
> http://www.c-sharpcorner.com/Code/2003/March/SecureSiteWithASPNET.asp
>
>
>
> Windows Authentication in ASP.NET
>
> http://www.dotnetbips.com/displayarticle.aspx?id=10
>
>
>
> (Joe Kaplan (MVP - ADSI), if you read this, I also saw your postings
> recently on somewhat this subject in this newsgroup.)
>
>
>
> I am still having trouble interpreting and understanding all this
> information and now look to some of you to help possible translate it into
> English. The last URL above provided an example that shows how to use
> System.Security.Principal to determine the user name and authenticated
> status (which I have tested successfully). But this just pulls from the
> system when the user logged in after turning on the PC. The other URL's
> state that in an Intranet environment, IAW is the thing to use - which is
> where this is going. But I need to offer the ability for a user to log in
> and log out, and when not logged in they are set as "anonymous" - not just
> automatically pull system info. So this seems I need to use Forms
> Authentication? Looking at examples of Forms Authentication, at my level of
> experience, are quite long, involved, and a bit over my head in their
> explanations. Do I use one over the other? Both together? Help?
>
>
>
> So, I am asking for some help here in understanding the .Net techniques to
> develop a website that uses Integrated Windows Authentication (using Active
> Directory from a Domain Controller) to authenticate users, but requires
> users to log in, and allows them to log out. I can control the visual
> changes on the page(s), I just need help on the log-in/log-out, security,
> authentication part of it.
>
>
>
> Your comments, suggestions, tips, and other input are gladly accepted and
> appreciated. Oh, and in VB.net if possible please, though I turn away
> nothing. :)
>
>
>
> -- Andrew
>
>
- Next message: Thomas Scheiderich: "Re: date formatting"
- Previous message: Mike: "double click on datagrid"
- In reply to: Andrew: "Intranet and Integrated Windows Authentication"
- Next in thread: Raterus: "Re: Intranet and Integrated Windows Authentication"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
