Re: NT based roles using forms authentication

From: Scott Allen (bitmask_at_[nospam)
Date: 08/13/04


Date: Fri, 13 Aug 2004 14:58:16 -0400

You could create locked down local accounts on the web server and
still use Windows authentication. If the server doesn't recognize
their current credentials the browser will prompt for them to enter a
username, password and domain (machine name) to log in with.

--
Scott
http://www.OdeToCode.com
On Fri, 13 Aug 2004 11:37:03 -0700, "Sharat Koya" <Sharat
Koya@discussions.microsoft.com> wrote:
>The reason I am using this method is that it allows users to be logged in on 
>a secure locked down account whilst allowing them the option to log in as 
>themselves and change between users without logging off the account. Is 
>there a way of preserving this idea without implementing database stored 
>roles? 
>
>thanks
>
>"Scott Allen" wrote:
>
>> Hi Sharat:
>> 
>> I'm not sure what the requirements are for your application, but I'm
>> thinking you could save yourself a good deal of code if you let
>> Windows manage the authentication and impersonation with a web.config
>> along the lines of:
>> 
>> <system.web>
>>     <authentication mode="Windows"/> 
>>     <identity impersonate="true"/>
>>     <authorization>
>>         <deny users="?"/>
>>         <allow users="*"/> 
>>     </authorization>
>>  </system.web>
>> 
>> This will avoid you having to use LogonUser in your code. If you do go
>> this way - you need to use the token given out by LogonUser to do the
>> impersonation, and pass the token to CloseHandle for proper cleanup
>> afterwards. 
>> 
>> --
>> Scott
>> http://www.OdeToCode.com
>> 
>> 
>> On 13 Aug 2004 08:12:33 -0700, sharat.koya@addenbrookes.nhs.uk (Sharat
>> Koya) wrote:
>> 
>> >Please can you help with a problem I am having.
>> >
>> >My web config is set to...
>> ><authorization><deny users="?"/></authorization>
>> ><authentication mode="Forms"> 
>> ><forms name=".COOKIE" loginUrl="login.aspx" protection="All"
>> >timeout="5" path="/"/>
>> ></authentication>
>> ><identity impersonate="true"/>
>> >
>> >login.aspx uses advapi32.dll to create the token and authenticate the
>> >user
>> >using the code..
>> >if(LogonUser(TextBoxUsername.Text,
>> >				"HILLSRD",
>> >				TextBoxPassword.Text,
>> >				LOGON32_LOGON_INTERACTIVE,
>> >				LOGON32_PROVIDER_DEFAULT,
>> >				ref token) != 0)
>> >			{	
>> >				
>> >				FormsAuthentication.RedirectFromLoginPage(TextBoxUsername.Text,
>> >CBoxRememberMe.Checked);
>> >				
>> >			}
>> >
>> >but when I want to enable NT group security and go to access
>> >User.IsInRole it always returns false. I dug a little deeper by
>> >live debugging and found that the m_roles array is always empty. What am I
>> >doing wrong - why aren't the roles available that are on the domain?
>> >
>> >
>> >many thanks for any help on this.
>> >
>> >Sharat Koya
>> 
>> 
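
The token handling described in the thread (use the token from LogonUser for the group check and impersonation, then pass it to CloseHandle), as an added example that is not code from either poster. The class name `NtLogon`, the method `LogonAndCheck`, and the P/Invoke declarations (which use `out IntPtr` and a `bool` return rather than the `ref token` / `!= 0` form in the original post) are assumptions of this sketch.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Security.Principal;

// Added example: hypothetical helper, not the thread's own code.
public sealed class NtLogon
{
    const int LOGON32_LOGON_INTERACTIVE = 2;
    const int LOGON32_PROVIDER_DEFAULT = 0;

    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool LogonUser(string user, string domain, string password,
        int logonType, int logonProvider, out IntPtr token);

    [DllImport("kernel32.dll", SetLastError = true)]
    static extern bool CloseHandle(IntPtr handle);

    // Returns the impersonated account name when the credentials are valid and
    // the account belongs to requiredGroup (format "DOMAIN\\Group"); otherwise null.
    public static string LogonAndCheck(string user, string domain,
                                       string password, string requiredGroup)
    {
        IntPtr token;
        if (!LogonUser(user, domain, password, LOGON32_LOGON_INTERACTIVE,
                       LOGON32_PROVIDER_DEFAULT, out token))
            return null; // log Marshal.GetLastWin32Error() server-side only

        try
        {
            // WindowsIdentity duplicates the token, so group membership is
            // resolved from the NT account rather than from the forms cookie.
            WindowsIdentity identity = new WindowsIdentity(token);
            WindowsPrincipal principal = new WindowsPrincipal(identity);
            if (!principal.IsInRole(requiredGroup))
                return null;

            // Impersonate only for the work that needs it, and always revert.
            WindowsImpersonationContext ctx = identity.Impersonate();
            try { return WindowsIdentity.GetCurrent().Name; }
            finally { ctx.Undo(); }
        }
        finally
        {
            CloseHandle(token); // release the handle LogonUser returned
        }
    }
}
```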

