Professional Web Applications Themes

ASP.NET windows authetication - ASP.NET Security

Traditionally, I've used windows authentication with a web server on an Active directory domain. IIS authenticated users on AD. However to do this, a window popped up and users entered information in that. However, I'd like to instead make an asp.net form that authenticated via windows authentication. The reason why is I need to allow windows authentication as well as authentication where the username is actually an e-mail address, but i don't want to have two seperate forms to do this. Is this possible? If so, anyone know some good examples on the web? VB or C#, doesn't matter which....

  1. #1

    Default ASP.NET windows authetication

    Traditionally, I've used windows authentication with a web server on an
    Active directory domain. IIS authenticated users on AD. However to do this,
    a window popped up and users entered information in that.

    However, I'd like to instead make an asp.net form that authenticated via
    windows authentication.

    The reason why is I need to allow windows authentication as well as
    authentication where the username is actually an e-mail address, but i don't
    want to have two seperate forms to do this.

    Is this possible?

    If so, anyone know some good examples on the web? VB or C#, doesn't matter
    which.
    Andy Guest

  2. #2

    Default Re: ASP.NET windows authetication

    On Wed, 1 Dec 2004 14:15:39 -0800, "Andy" <Andydiscussions.microsoft.com> wrote:

    Traditionally, I've used windows authentication with a web server on an
    Active directory domain. IIS authenticated users on AD. However to do this,
    a window popped up and users entered information in that.

    However, I'd like to instead make an asp.net form that authenticated via
    windows authentication.

    The reason why is I need to allow windows authentication as well as
    authentication where the username is actually an e-mail address, but i don't
    want to have two seperate forms to do this.

    Is this possible?

    If so, anyone know some good examples on the web? VB or C#, doesn't matter
    which.

    I think you're going to have to make a choice as to whether to use Windows authentication or Forms
    based authentication. If using the email address as the account ID is a requirement then you're
    likely to exceed the maximum characters allowed for an AD account.

    With Forms based authentication you can use a database (such as SQL Server) instead for maintaining
    authentication credentials.

    [url]http://support.microsoft.com/default.aspx?scid=kb;en-us;308157[/url]


    Paul ~~~ [email]pclementameritech.net[/email]
    Microsoft MVP (Visual Basic)
    Paul Clement Guest

  3. #3

    Default RE: ASP.NET windows authetication

    Using only forms authentication with e-mail addresses won't be possible. I
    have to authenticate users in AD with AD.

    I'm going to have a process that checks if the username is in email format
    before it checks AD authentication. Then I'll do a simple query to see if
    their username is in AD.

    Assuming I use the forms authentication, can I still authenticate against AD?

    "Andy" wrote:
    > Traditionally, I've used windows authentication with a web server on an
    > Active directory domain. IIS authenticated users on AD. However to do this,
    > a window popped up and users entered information in that.
    >
    > However, I'd like to instead make an asp.net form that authenticated via
    > windows authentication.
    >
    > The reason why is I need to allow windows authentication as well as
    > authentication where the username is actually an e-mail address, but i don't
    > want to have two seperate forms to do this.
    >
    > Is this possible?
    >
    > If so, anyone know some good examples on the web? VB or C#, doesn't matter
    > which.
    Andy Guest

  4. #4

    Default Re: ASP.NET windows authetication

    There are many sources from where to look for this topic. One classic is
    this:

    How To: Use Forms Authentication with Active Directory
    [url]http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/secnetlpMSDN.asp[/url]

    Hernan de Lahitte
    [url]http://weblogs.asp.net/hernandl[/url]


    "Andy" <Andydiscussions.microsoft.com> wrote in message
    news:F0BB48D3-F10B-4E85-A1FD-977087AB6F95microsoft.com...
    > Using only forms authentication with e-mail addresses won't be possible.
    > I
    > have to authenticate users in AD with AD.
    >
    > I'm going to have a process that checks if the username is in email format
    > before it checks AD authentication. Then I'll do a simple query to see if
    > their username is in AD.
    >
    > Assuming I use the forms authentication, can I still authenticate against
    > AD?
    >
    > "Andy" wrote:
    >
    >> Traditionally, I've used windows authentication with a web server on an
    >> Active directory domain. IIS authenticated users on AD. However to do
    >> this,
    >> a window popped up and users entered information in that.
    >>
    >> However, I'd like to instead make an asp.net form that authenticated via
    >> windows authentication.
    >>
    >> The reason why is I need to allow windows authentication as well as
    >> authentication where the username is actually an e-mail address, but i
    >> don't
    >> want to have two seperate forms to do this.
    >>
    >> Is this possible?
    >>
    >> If so, anyone know some good examples on the web? VB or C#, doesn't
    >> matter
    >> which.

    Hernan de Lahitte Guest

  5. #5

    Default Re: ASP.NET windows authetication

    On Thu, 2 Dec 2004 09:25:02 -0800, "Andy" <Andydiscussions.microsoft.com> wrote:

    Using only forms authentication with e-mail addresses won't be possible. I
    have to authenticate users in AD with AD.

    I'm going to have a process that checks if the username is in email format
    before it checks AD authentication. Then I'll do a simple query to see if
    their username is in AD.

    Assuming I use the forms authentication, can I still authenticate against AD?

    I don't believe that you can authenticate with Active Directory using an email address - certainly
    not if the email addresses have domain names that are different than the domain you are attempting
    to authenticate against.


    Paul ~~~ [email]pclementameritech.net[/email]
    Microsoft MVP (Visual Basic)
    Paul Clement Guest

  6. #6

    Default Re: ASP.NET windows authetication

    Not quite.
    Users who don't enter an e-mail address would authenticate with aciive
    directory.
    User who do enter an e-mail address would authenticate with an access
    database (I already know about hasing passwords)

    "Paul Clement" wrote:
    > On Thu, 2 Dec 2004 09:25:02 -0800, "Andy" <Andydiscussions.microsoft.com> wrote:
    >
    > ¤ Using only forms authentication with e-mail addresses won't be possible. I
    > ¤ have to authenticate users in AD with AD.
    > ¤
    > ¤ I'm going to have a process that checks if the username is in email format
    > ¤ before it checks AD authentication. Then I'll do a simple query to see if
    > ¤ their username is in AD.
    > ¤
    > ¤ Assuming I use the forms authentication, can I still authenticate against AD?
    >
    > I don't believe that you can authenticate with Active Directory using an email address - certainly
    > not if the email addresses have domain names that are different than the domain you are attempting
    > to authenticate against.
    >
    >
    > Paul ~~~ [email]pclementameritech.net[/email]
    > Microsoft MVP (Visual Basic)
    >
    Andy Guest

  7. #7

    Default Re: ASP.NET windows authetication

    On Sun, 12 Dec 2004 20:33:02 -0800, "Andy" <Andydiscussions.microsoft.com> wrote:

    Not quite.
    Users who don't enter an e-mail address would authenticate with aciive
    directory.
    User who do enter an e-mail address would authenticate with an access
    database (I already know about hasing passwords)


    You will have to use Forms Authentication for both and then choose windows or database
    authentication based upon the account ID they enter.

    Authenticating against the database is relatively easy. Authenticating against AD might require a
    bit more effort. What you will probably need to do is call the LogonUser API function call. There is
    an example in the article below. You don't need to implement the impersonation code, just call
    LogonUser with the supplied credentials.

    How to implement impersonation in an ASP.NET application
    [url]http://support.microsoft.com/kb/306158/EN-US/[/url]

    There is another method that uses DirectoryServices, however I'm somewhat dubious about the solution
    since Microsoft has indicated in the past that ADSI and DirectoryServices were not designed for
    authentication.

    HOW TO: Authenticate against the Active Directory by Using Forms Authentication and Visual Basic
    ..NET
    [url]http://support.microsoft.com/?id=326340[/url]


    Paul ~~~ [email]pclementameritech.net[/email]
    Microsoft MVP (Visual Basic)
    Paul Clement Guest

Similar Threads

  1. Tomcat HTTPS SSL Authetication (WITH SECURITYCONSTRAINT)
    By Vackar in forum Macromedia Flex General Discussion
    Replies: 1
    Last Post: May 23rd, 12:25 PM
  2. SQL Authetication in windows service
    By ajit in forum ASP.NET Security
    Replies: 4
    Last Post: November 9th, 12:50 AM
  3. form authetication?
    By in forum ASP.NET Security
    Replies: 10
    Last Post: May 13th, 02:15 PM
  4. Replies: 0
    Last Post: April 16th, 03:38 PM
  5. Forms Authetication to Protect Single File Using Asp.net
    By rodrigo in forum ASP.NET Security
    Replies: 1
    Last Post: August 21st, 05:40 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139