Impersonation with Forms Authentication

Ask a Question related to ASP.NET Security, Design and Development.

  1. #1

    Impersonation with Forms Authentication

    Can anybody help, I'm pretty new to .NET but followed the instructions for
    the following.

    How to authenticate against the Active Directory by using forms
    authentication and Visual Basic .NET

    [url]http://support.microsoft.com/default.aspx?scid=kb;en-us;326340[/url]

    Got the authentication working but when redirected from the login page to
    the requested form "WebForm1.aspx" I can't get any scripts to run in the
    context of the authenticated user.
    E.g. I bind to Active Directory and try deleting a user, I get a "General
    Access Denied" error. Even though Context.User.Identity.Name displays the
    name of the logged in user, the code is still using the credentials of the
    anonymous account that has only read permissions to ads. When I change
    this account to one with more permissions it works fine.
    How can I run scripts (e.g.) ADSI that uses the credentials of the user I
    logged in with, I thought this was the idea.
    All the code is the same as in the above link except the modified code for
    WebForm1.aspx that has the adsi script.

    <%@ Page language="vb" AutoEventWireup="false"
    CodeBehind="WebForm1.aspx.vb" Inherits="FormsAuthAd.WebForm1" %>
    <%@ Import Namespace="System.Security.Principal" %>
    <HTML>
    <body>
    <form id="Form1" method="post" runat="server">
    <P>
    <asp:Label ID="lblName" Runat="server" /><br>
    <asp:Label ID="lblAuthType" Runat="server" /></P>
    <P>
    <asp:Label id="Label1" runat="server">Label</asp:Label></P>
    </form>
    <script runat="server">
    sub Page_Load(sender as object, e as EventArgs)
    lblName.Text = "Hello " + Context.User.Identity.Name & "."
    lblAuthType.Text = "You were authenticated using " & Context.User.Identity.AuthenticationType & "."

    end sub
    </script>

    <%

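    ' Late-bound ADSI bind; this runs under the Windows identity of the
    ' request thread, not under Context.User.
    Dim ObjOU as Object

    objOU = GetObject("LDAP://ou=hr,dc=fabrikam,dc=com")

    ' VB.NET requires parentheses around method arguments.
    objOU.Delete("user", "cn=MyerKen")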

    %>

    End
    </body>
    </HTML>

    Alternatively is there a way of getting the password from the encrypted
    authentication ticket in the cookie generated. I could use this with the
    OpenDSObject method to bind to ADS with the new credentials.

    --
    Message posted via [url]http://www.dotnetmonster.com[/url]
    Paul Gregory via DotNetMonster.com Guest

  2. #2

    Re: Impersonation with Forms Authentication

    See if this helps..

    [url]http://www.netomatix.com/ImpersonateUser.aspx[/url]

    Naveen K Kohli

    "Paul Gregory via DotNetMonster.com" <forum@DotNetMonster.com> wrote in
    message news:9fd408da4f404d81946d564d0fb685fc@DotNetMonster.com...
    > Can anybody help, I'm pretty new to .NET but followed the instructions for
    > the following.
    >
    > How to authenticate against the Active Directory by using forms
    > authentication and Visual Basic .NET
    >
    > [url]http://support.microsoft.com/default.aspx?scid=kb;en-us;326340[/url]
    >
    > Got the authentication working but when redirected from the login page to
    > the requested form "WebForm1.aspx" I can't get any scripts to run in the
    > context of the authenticated user.
    > E.g. I bind to Active Directory and try deleting a user, I get a "General
    > Access Denied" error. Even though Context.User.Identity.Name displays the
    > name of the logged in user, the code is still using the credentials of the
    > anonymous account that has only read permissions to ads. When I change
    > this account to one with more permissions it works fine.
    > How can I run scripts (e.g.) ADSI that uses the credentials of the user I
    > logged in with, I thought this was the idea.
    > All the code is the same as in the above link except the modified code for
    > WebForm1.aspx that has the adsi script.
    >
    > <%@ Page language="vb" AutoEventWireup="false"
    > CodeBehind="WebForm1.aspx.vb" Inherits="FormsAuthAd.WebForm1" %>
    > <%@ Import Namespace="System.Security.Principal" %>
    > <HTML>
    > <body>
    > <form id="Form1" method="post" runat="server">
    > <P>
    > <asp:Label ID="lblName" Runat="server" /><br>
    > <asp:Label ID="lblAuthType" Runat="server" /></P>
    > <P>
    > <asp:Label id="Label1" runat="server">Label</asp:Label></P>
    > </form>
    > <script runat="server">
    > sub Page_Load(sender as object, e as EventArgs)
    > lblName.Text = "Hello " + Context.User.Identity.Name & "."
    > lblAuthType.Text = "You were authenticated using " & Context.User.Identity.AuthenticationType & "."
    >
    > end sub
    > </script>
    >
    > <%
    >
    > Dim ObjOU as Object
    >
    > objOU = GetObject("LDAP://ou=hr,dc=fabrikam,dc=com")
    >
    > objOU.Delete("user", "cn=MyerKen")
    >
    > %>
    >
    > End
    > </body>
    > </HTML>
    >
    > Alternatively is there a way of getting the password from the encrypted
    > authentication ticket in the cookie generated. I could use this with the
    > OpenDSObject method to bind to ADS with the new credentials.
    >
    > --
    > Message posted via [url]http://www.dotnetmonster.com[/url]

    Naveen K Kohli Guest
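
Added example (not code from either post, the linked pages, or KB 326340): forms authentication only fills in Context.User, so ADSI calls still run under the Windows identity of the request thread. The hypothetical ImpersonationHelper class below reports both identities and runs a delegate under a Windows token obtained with LogonUser. It assumes the password comes from the login form during the login request, because the forms ticket carries no password unless the application puts one there.

```vb
Imports System
Imports System.ComponentModel
Imports System.Runtime.InteropServices
Imports System.Security.Principal
Imports System.Web

' Hypothetical helper written for this example; the names are assumptions.
Public Class ImpersonationHelper
    Private Const LOGON32_LOGON_INTERACTIVE As Integer = 2
    Private Const LOGON32_PROVIDER_DEFAULT As Integer = 0

    <DllImport("advapi32.dll", SetLastError:=True, CharSet:=CharSet.Unicode)> _
    Private Shared Function LogonUser(ByVal user As String, ByVal domain As String, _
        ByVal password As String, ByVal logonType As Integer, _
        ByVal logonProvider As Integer, ByRef token As IntPtr) As Boolean
    End Function

    <DllImport("kernel32.dll", SetLastError:=True)> _
    Private Shared Function CloseHandle(ByVal handle As IntPtr) As Boolean
    End Function

    Public Delegate Sub ImpersonatedAction()

    ' Diagnostic: the forms user and the Windows identity are independent.
    Public Shared Function DescribeIdentities(ByVal ctx As HttpContext) As String
        Return "Forms user: " & ctx.User.Identity.Name & _
               "; Windows identity used for ADSI: " & WindowsIdentity.GetCurrent().Name
    End Function

    ' Runs action under a token for the given account, then always reverts.
    Public Shared Sub RunAs(ByVal domain As String, ByVal user As String, _
                            ByVal password As String, ByVal action As ImpersonatedAction)
        Dim token As IntPtr = IntPtr.Zero
        If Not LogonUser(user, domain, password, LOGON32_LOGON_INTERACTIVE, _
                         LOGON32_PROVIDER_DEFAULT, token) Then
            Throw New Win32Exception(Marshal.GetLastWin32Error())
        End If
        Dim impersonation As WindowsImpersonationContext = Nothing
        Try
            impersonation = New WindowsIdentity(token).Impersonate()
            action.Invoke()
        Finally
            ' Revert to the original identity even if the action throws.
            If Not impersonation Is Nothing Then impersonation.Undo()
            CloseHandle(token)
        End Try
    End Sub
End Class
```

On Windows 2000 the process account needs the "Act as part of the operating system" privilege for LogonUser to succeed. Wrap only the directory operation in RunAs so the impersonated identity is held as briefly as possible.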
