patrick24601 Posted June 8, 2005 Posted June 8, 2005 Has anybody ever written (or knows where I can find an article) on mixed .NET security? I'd like to present a login form (i.e. form security), validate the ID/password against Windows, and use my own tables for role lookup and management. TIA. Quote
Administrators PlausiblyDamp Posted June 8, 2005 Administrators Posted June 8, 2005 If you are wanting to integrate with windows security you can just use System.Environment.UserDomainName and System.Environment.UserName to get the current users domain and username. You do not need to ask the user for their password yourself - if they are logged on then windows has already validated them. Quote Posting Guidelines FAQ Post Formatting Intellectuals solve problems; geniuses prevent them. -- Albert Einstein
patrick24601 Posted June 8, 2005 Author Posted June 8, 2005 Thanks. Any ideas about the internal SQL Server based role management I want to do or is that all custom code on my part? I did not know if any of the internal Security methods could use something other than NT for role lookup. Still reading. Quote
Administrators PlausiblyDamp Posted June 8, 2005 Administrators Posted June 8, 2005 It might help if you gave more information about what you are trying to do here as .Net does provide methods you can use to implement your own security model if you want to implement your security there. If you are securiung SQL then you can create roles etc from various stored procedures (sp_addrole, sp_addrolemember etc.) Quote Posting Guidelines FAQ Post Formatting Intellectuals solve problems; geniuses prevent them. -- Albert Einstein
patrick24601 Posted June 8, 2005 Author Posted June 8, 2005 Here goes. Sorry - I thought I had explained it in the first post but here goes: I want to validate all users using Windows security. Every user on this web application will need to have a valid Windows account to login. After they login I want to use my own internal application role management - not Windows Group/role management. We do not have the ability easily add/remove groups so I'll be handing that internally. Quote
Administrators PlausiblyDamp Posted June 8, 2005 Administrators Posted June 8, 2005 Didn't realise you were using ASP.Net that's all. If you set the web.config to use Windows authentication then it will automatically provide / prompt when a secured page is accessed. From this you should then be able to query the User object in code to get the user name etc. If you are then wanting to create your own user / group management you would need to investigate the GenericIdentity and GenericPrinciple classes. These will allow you to create your own user objects and assign them to your own groups based on whatever mechanism you are using to track these things (SQL etc) Quote Posting Guidelines FAQ Post Formatting Intellectuals solve problems; geniuses prevent them. -- Albert Einstein
patrick24601 Posted June 8, 2005 Author Posted June 8, 2005 ..and the light goes on for me! Many thanks sir. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.