Ask a Question related to ASP.NET Security, Design and Development.
-
Steve Kallal #1
Custom Roles w/ Windows Authentication?
I have a need to define roles at the web application level, but still use
Windows Authentication. I want the application to authenticate the user from
the network login. But I do not want to use Active Directory to define the
role. Instead I was hoping for a simple mechanism to decide whether a user
has read only or write permissions. Of course I could use Active Directory to
maintain the roles, but I want to avoid this. So far I have been able to use
the <authorization> section of web.config to decide which users can log in.
The
User.IsInRole("admin")
statement looks for the "admin" role on Active Directory. I would like to
redirect the IsInRole function somewhere else more local to the application
if possible.
Can this be done?
Steve Kallal Guest
-
Form Authentication - Roles - Always returns to login screen
I'm using forms authentication and I want to limit access to certain directories only to users with certain roles. I have the following code... -
Custom Login Form for Windows Authentication?
Hello: I need to have a custom login form page for a site with Windows Authentication and internally i make the 'authentication windows process'.... -
Forms Authentication based on roles.
HI, I have the following problem. I am making a portal of DJs. The djs must have a Menu, the administrator another menu. I created 2 directories... -
Forms Authentication with roles from table
Hi, This is really driving me crazy... I'm working on a web application with different functionality for users in different roles. These... -
Custom Windows Authentication Principal?
Ok here's the situation, I have several intranet applications at this company that use windows authentication. Now when people open the... -
Joe Kaplan \(MVP - ADSI\) #2 Re: Custom Roles w/ Windows Authentication?
Sure, there are a bunch of possible approaches to this.
The basic thing to consider is where your custom roles come from. For
example, do you want to store them in SQL, AD, XML, etc. Also, you need to
decide if your custom roles will be mapped based just on user identity or
also based on AD group membership.
Microsoft provides a very interesting API for doing application level
role-based security with great AD integration that you should seriously look
at for this.
If you go with a custom route, the mechanics of it are that you will replace
the WindowsPrincipal in the Context.User property with some custom
IPrincipal class that contains your own roles that are mapped in based on
the data you get from the WindowPrincipal that ASP.NET provides you. You
would hook this in either with an HttpModule or with a global.asax event
handler.
I hope this helps.
Joe K.
"Steve Kallal" <SteveKallal@discussions.microsoft.com> wrote in message
news:E9D2A111-E3B6-4126-9C34-22D62C673981@microsoft.com...>I have a need to define roles at the web application level, but still use
> Windows Authentication. I want the application to authenticate the user
> from
> the network login. But I do not want to use Active Directory to define the
> role. Instead I was hoping for a simple mechanism to decide whether a user
> has read only or write permissions. Of course I could use Active Directory
> to
> maintain the roles, but I want to avoid this. So far I have been able to
> use
> the <authorization> section of web.config to decide which users can log
> in.
> The
> User.IsInRole("admin")
> statement looks for the "admin" role on Active Directory. I would like to
> redirect the IsInRole function somewhere else more local to the
> application
> if possible.
>
> Can this be done?
>
Joe Kaplan \(MVP - ADSI\) Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
