Forms authentication <-> Windows user?

Ask a Question related to ASP.NET Security, Design and Development.

  1. InspektorDerrick #1

    Default Forms authentication <-> Windows user?

    Hi,

    I'm new in ASP.NET and I've got a question about authentication in an
    intranet application:

    I want to authentify and authorize the user by a database. Authentication
    should work like this:

    1. evaluate the windows username
    2. check if user exists in database
    yes -> new customIdentiy (IsAuthenticated = true), new customPrincipal
    (roles from database)
    no -> 3.
    3. redirect to logon form
    4. check if the user exists in database
    yes -> new customIdentiy (IsAuthenticated = true), new customPrincipal
    (roles from database)
    no -> securityexception or redirect

    The problem is, if I use Windows-Authentication I may not change
    Principal(?), if I use Forms-Authentication I cannot get the windows-user
    from step 1 (?)
    --
    Regards, InspektorDerrick
    InspektorDerrick Guest
    Reply With Quote Reply With Quote

    2. Similar Questions and Discussions

    1. Register new user forms authentication
      Ok I admit to being new at this and having problems getting my head around IIS. So if you can help me I will much appreciate it. I have a login...
    2. Forms Authentication Anonymous User
      Hi, I have implemented Forms-Based Authentication for a website I am designing which is working fine. However I want to get a list of Roles for...
    3. ASP.NET Forms Authentication Via A SQL Server Database With Windows User types?
      We have built an ASP.NET application that will run on the Intranet using SQL 2000 as our data layer. We have decided to use Form Authentication...
    4. User Session issue with ASP.NET Forms authentication & Windows 2003
      Hi, I first posted this query in just the aspnet ng but didn't get a reply so I'm posting here (probably more appropriate) Hope one of you guys...
    5. Forms authentication with Windows authentication
      Hi, I have an ASP.NET web site that uses IIS Basic Authentication and accesses an OLAP Server at various stages. The OLAP Server authentication...
  2. Paul Glavich [MVP ASP.NET] #2

    Default Re: Forms authentication <-> Windows user?

    This might help. Similar scenario to yours. A little different but the
    technique can still apply.

    [url]http://aspalliance.com/553[/url]


    --

    - Paul Glavich
    ASP.NET MVP
    ASPInsider ([url]www.aspinsiders.com[/url])


    "InspektorDerrick" <inspektor.derrick@kstp.at> wrote in message
    news:6A26C79B-432F-4CF9-8754-DF5641E10A6E@microsoft.com...
    > Hi,
    >
    > I'm new in ASP.NET and I've got a question about authentication in an
    > intranet application:
    >
    > I want to authentify and authorize the user by a database. Authentication
    > should work like this:
    >
    > 1. evaluate the windows username
    > 2. check if user exists in database
    > yes -> new customIdentiy (IsAuthenticated = true), new customPrincipal
    > (roles from database)
    > no -> 3.
    > 3. redirect to logon form
    > 4. check if the user exists in database
    > yes -> new customIdentiy (IsAuthenticated = true), new customPrincipal
    > (roles from database)
    > no -> securityexception or redirect
    >
    > The problem is, if I use Windows-Authentication I may not change
    > Principal(?), if I use Forms-Authentication I cannot get the windows-user
    > from step 1 (?)
    > --
    > Regards, InspektorDerrick

    Paul Glavich [MVP ASP.NET] Guest
    Reply With Quote Reply With Quote
  3. Peng Jie #3

    Default RE: Forms authentication <-> Windows user?


    you can authenticate against the Active Directory by using Forms.

    try the link below:

    [url]http://support.microsoft.com/?id=316748[/url]


    "InspektorDerrick" wrote:
    > Hi,
    >
    > I'm new in ASP.NET and I've got a question about authentication in an
    > intranet application:
    >
    > I want to authentify and authorize the user by a database. Authentication
    > should work like this:
    >
    > 1. evaluate the windows username
    > 2. check if user exists in database
    > yes -> new customIdentiy (IsAuthenticated = true), new customPrincipal
    > (roles from database)
    > no -> 3.
    > 3. redirect to logon form
    > 4. check if the user exists in database
    > yes -> new customIdentiy (IsAuthenticated = true), new customPrincipal
    > (roles from database)
    > no -> securityexception or redirect
    >
    > The problem is, if I use Windows-Authentication I may not change
    > Principal(?), if I use Forms-Authentication I cannot get the windows-user
    > from step 1 (?)
    > --
    > Regards, InspektorDerrick
    Peng Jie Guest
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139