RE: Windows authentication and Role security for VS2005 website

Steven,

Thank you for your response.

Protecting the web site with IIS/file system security is great from a
security perspective. My concern was that doing this means you don't get the
UI updates (only available menu items are presented). However, I have tried
this and it seems that disabling access through the file system causes the UI
to update.

This is exactly what I was wanting to achieve.

Stephen

"Steven Cheng[MSFT]" wrote:

> Hi SJH,
>
> Welcome to MSDN newsgroup.
> As for the authentication/authorization setting in ASP.NET 2.0 / VS.NET
> 2005, it has been changed from the original ones in VS.NET 2003/ ASP.NET
> 1.X. In fact, we can find it from the ASP.NET Web admin configuration
> console, when we swtich to use local intranet security mode,(not use
> FormsAuthentication, the users/roles management are disabled in it , that
> means currently the declarative mode authorization in web.config only
> support FormsAuthentication. Anyway, I'll ask some other ASP.NET dev guys
> to confirm this behavior and will update you soon.
>
> Thanks,
>
> Steven Cheng
> Microsoft Online Support
>
> Get Secure! www.microsoft.com/security
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
>
>
>
>
> --------------------
> | From: "SJH" <sjh@xxxxxxxxxxxxx>
> | Newsgroups: microsoft.public.vsnet.general
> | Subject: Windows authentication and Role security for VS2005 website
> | Date: Tue, 20 Sep 2005 07:02:55 +0000 (UTC)
> | Organization: BT Openworld
> | Lines: 13
> | Message-ID: <dgoc6u$g0e$1@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
> | NNTP-Posting-Host: host86-136-66-109.range86-136.btcentralplus.com
> | X-Trace: nwrdmz03.dmz.ncs.ea.ibs-infra.bt.com 1127199775 16398
> 86.136.66.109 (20 Sep 2005 07:02:55 GMT)
> | X-Complaints-To: news-complaints@xxxxxxxxxxxxxxxxxxxx
> | NNTP-Posting-Date: Tue, 20 Sep 2005 07:02:55 +0000 (UTC)
> | X-Priority: 3
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
> | X-RFC2646: Format=Flowed; Original
> | X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
> | X-MSMail-Priority: Normal
> | Path:
> TK2MSFTNGXA01.phx.gbl!TK2MSFTFEED02.phx.gbl!tornado.fastwebnet.it!tiscali!ne
> wsfeed1.ip.tiscali.net!border2.nntp.ams.giganews.com!nntp.giganews.com!feede
> r.xsnews.nl!83.128.0.11.MISMATCH!news-out1.kabelfoon.nl!newsfeed.kabelfoon.n
> l!xindi.nntp.kabelfoon.nl!zen.net.uk!demorgan.zen.co.uk!194.72.9.35.MISMATCH
> !news-peer1!btnet-feed5!btnet!news.btopenworld.com!not-for-mail
> | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.vsnet.general:10506
> | X-Tomcat-NG: microsoft.public.vsnet.general
> |
> | Using VS2005RC1 I'm trying to use role based security to control access
> to
> | parts of a website.
> |
> | Forms authentication works fine, but with windows authentication the web
> | site administration tools does not give the option of adding windows user
> | accounts.
> |
> | I can restrict access based on the username, but cant find a way to
> restrict
> | access based on roles or security groups.
> |
> | Thank you for any assistance.
> |
> |
> |
>
>
.