Eric Wise #1
Custom Windows Authentication Principal?
Ok here's the situation, I have several intranet applications at this
company that use windows authentication.
Now when people open the application I can use the user.identity.name to
grab their username. I then use this to query a database that has security
settings for the applications.
What I would like to do is have my own custom user token that I could add
additional fields to (like user.identity.userid, user.identity.departmentid,
user.identity.emailaddress) so I wouldn't have to query the database every
time I want to view them and I don't have to worry about managing session
variables.
Now I've written some code I think will work, but the problem is I can't
figure out how to access the custom information once someone logs in. If
someone could review the code and help me with the last step (or inform me
that I'm barking up the wrong tree) I'd really appreciate it.
Here's the class I created:
    Imports System.Security.Principal

    Public Class BenetUser
        Implements IPrincipal

        Private m_Roles() As String
        Private m_Id As MyIdentity
        Private m_CCID As Integer
        Private m_Email As String
        Private m_UserName As String

        ' Case-insensitive match against the role names loaded from the database.
        Public Overridable Overloads Function IsInRole(ByVal role As String) As Boolean Implements IPrincipal.IsInRole
            Dim r As String
            For Each r In m_Roles
                If String.Compare(role, r, True) = 0 Then
                    Return True
                End If
            Next
            Return False
        End Function

        Public Overridable Overloads ReadOnly Property Identity() As IIdentity Implements IPrincipal.Identity
            Get
                Return m_Id
            End Get
        End Property

        Public ReadOnly Property UserName() As String
            Get
                Return m_UserName
            End Get
        End Property

        Public ReadOnly Property Id() As Integer
            Get
                Return m_Id.Id
            End Get
        End Property

        Public ReadOnly Property CCID() As Integer
            Get
                Return m_CCID
            End Get
        End Property

        Public ReadOnly Property Email() As String
            Get
                Return m_Email
            End Get
        End Property

        Public Sub New(ByVal roles() As String, ByVal intId As Integer, ByVal intCCID As Integer, _
                       ByVal strEmail As String, ByVal strUserName As String)
            m_Roles = roles
            m_Id = New MyIdentity(intId)
            m_CCID = intCCID
            m_Email = strEmail
            m_UserName = strUserName
        End Sub

        ' Identity that carries only the numeric user id; it always reports itself as authenticated.
        Private Class MyIdentity
            Implements IIdentity

            Private m_Id As Integer

            Public Overridable Overloads ReadOnly Property IsAuthenticated() As Boolean Implements IIdentity.IsAuthenticated
                Get
                    Return True
                End Get
            End Property

            ' Name is the numeric id as a string, not the Windows account name.
            Public Overridable Overloads ReadOnly Property Name() As String Implements IIdentity.Name
                Get
                    Return m_Id.ToString()
                End Get
            End Property

            Public Overridable Overloads ReadOnly Property AuthenticationType() As String Implements IIdentity.AuthenticationType
                Get
                    Return "Windows"
                End Get
            End Property

            Friend ReadOnly Property Id() As Integer
                Get
                    Return m_Id
                End Get
            End Property

            Public Sub New(ByVal id As Integer)
                m_Id = id
            End Sub
        End Class
    End Class
Then in my global.asax file I put the following code:
    Public Sub WindowsAuthentication_OnAuthenticate(ByVal sender As Object, _
            ByVal e As System.Web.Security.WindowsAuthenticationEventArgs)
        If e.Identity.IsAuthenticated Then
            Dim id As System.Security.Principal.WindowsIdentity = e.Identity
            Dim userName As String = id.Name
            ' Strip the domain prefix before looking the user up in the database.
            Dim myUser As New BPWUser(Replace(userName, "OSTNET1\", ""))
            Dim allRoles As String = myUser.Roles
            Dim roles() As String = Split(allRoles, "|")
            ' Replace the request's principal with the custom one.
            e.User = New BenetUser(roles, myUser.ResourceID, _
                myUser.CostCenterID, myUser.EmailName, myUser.UserName)
        End If
    End Sub
Eric Wise Guest
-
Eric Wise #2
Re: Custom Windows Authentication Principal?
I figured it out:
In page code:
    If Not Page.IsPostBack Then
        Dim myUser As BenetUser = CType(context.User, BenetUser)
        Response.Write("Welcome " & myUser.UserName)
    End If
Eric Wise Guest
-
Joe Kaplan (MVP - ADSI) #3
Re: Custom Windows Authentication Principal?
Did you consider inheriting from WindowsIdentity (or WindowsPrincipal) to add
your custom functionality instead of reimplementing? Getting all the
WindowsIdentity token-based stuff correct seems like it would be quite a
pain. A lot of that is written in C++ instead of C# in the MS
implementation.
I've sub-classed WindowsPrincipal before and added a whole bunch of
additional properties and it worked well for me.
Joe K.
Joe Kaplan (MVP - ADSI) Guest
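The subclassing approach suggested in reply #3, as an added example (not code from either poster): a hypothetical `BenetWindowsPrincipal` inherits `WindowsPrincipal`, so the Windows token and group checks keep working while the database fields ride along. `BenetApplication` and `FromUser` are illustrative names; `BPWUser` and its members are the lookup class from post #1 and are assumed to exist.

```vb
Imports System.Security.Principal
Imports System.Web.Security

' Hypothetical name. Keeps the real Windows token and adds the database fields.
Public Class BenetWindowsPrincipal
    Inherits WindowsPrincipal

    Private ReadOnly m_Roles() As String
    Public ReadOnly ResourceID As Integer
    Public ReadOnly CostCenterID As Integer
    Public ReadOnly Email As String

    Public Sub New(ByVal identity As WindowsIdentity, ByVal roles() As String, _
                   ByVal resId As Integer, ByVal ccId As Integer, ByVal mail As String)
        MyBase.New(identity)
        If roles Is Nothing Then roles = New String() {}
        m_Roles = roles
        ResourceID = resId
        CostCenterID = ccId
        Email = mail
    End Sub

    ' Application roles from the database first, then the user's Windows groups.
    ' Both share one namespace here, so keep database role names distinct from group names.
    Public Overloads Overrides Function IsInRole(ByVal role As String) As Boolean
        For Each r As String In m_Roles
            If String.Compare(role, r, True) = 0 Then Return True
        Next
        Return MyBase.IsInRole(role)
    End Function

    ' Returns Nothing instead of throwing when the request carries another principal type.
    Public Shared Function FromUser(ByVal user As IPrincipal) As BenetWindowsPrincipal
        If TypeOf user Is BenetWindowsPrincipal Then Return DirectCast(user, BenetWindowsPrincipal)
        Return Nothing
    End Function
End Class

' Hypothetical application class standing in for the code-behind of global.asax.
Public Class BenetApplication
    Inherits System.Web.HttpApplication
    ' Raised on every request, so the BPWUser lookup runs each time unless it caches.
    Public Sub WindowsAuthentication_OnAuthenticate(ByVal sender As Object, _
            ByVal e As WindowsAuthenticationEventArgs)
        If e.Identity Is Nothing OrElse Not e.Identity.IsAuthenticated Then Return
        Dim myUser As New BPWUser(Replace(e.Identity.Name, "OSTNET1\", ""))
        e.User = New BenetWindowsPrincipal(e.Identity, Split(myUser.Roles, "|"), _
            myUser.ResourceID, myUser.CostCenterID, myUser.EmailName)
    End Sub
End Class
```

In a page, `BenetWindowsPrincipal.FromUser(Context.User)` yields `Nothing` rather than an `InvalidCastException` when the principal was not replaced, so the caller can deny access explicitly.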




