Authentication Nightmare
From: Terry Horner (hornertl@mentorschools.org)
Date: 09/26/02
- Next message: Kulwant: "Internet/Intranet Access"
- Previous message: YA: "Re: form based authentication and free pages"
- Next in thread: bruce barker: "Re: Authentication Nightmare"
- Reply: bruce barker: "Re: Authentication Nightmare"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Terry Horner" <hornertl@mentorschools.org> Date: Thu, 26 Sep 2002 10:42:47 -0400
I've been going round and round with this authentication business to no
avail. Here's what I'm trying to do:
1. I have a basic login page in which the user enters their username and
password (http://www.mysite.com/login.aspx).
2. The user is authenticated against active directory which works fine
(let's use user jdoe).
3. The user is then redirected to a personal directory
(http://www.mysite.com/jdoe) which is protected by NTFS secuirty
permissions.
The place where I'm running into problems is number three. I need for the
user to be able to have access to their home directory without having to
login again via the NT challenge/response once they have already logged in
via login.aspx. I've tried every combination of settings in IIS and none
seem work. Here's the things I've tried:
----------------------------------------------------------------------------
---------------
1. Impersonation. I have been successful in impersonating users based on
credentials, however I continue to get the challenge/response while I'm
impersonating the user and trying to redirect to their personal directory.
I succesfully logon by using the advapi32.dll library during this process.
Code:
IntPtr nptrUserToken1;
bool bLoggedOn = LogonUser(this.UserName,this.Domain,this.Password,3,0,out
nptrUserToken1);
int nptrUserToken3 = (int) nptrUserToken1;
IntPtr nptrUserToken2 = new IntPtr(nptrUserToken3);
WindowsIdentity widCurrentIdentity = WindowsIdentity.GetCurrent();
WindowsIdentity widTempIdentity = new WindowsIdentity(nptrUserToken2);
WindowsImpersonationContext wicIdentity = widTempIdentity.Impersonate();
WindowsIdentity widNewIdentity = WindowsIdentity.GetCurrent();
----------------------------------------------------------------------------
---------------
2. NetworkCredentials. I have tried using a WebResponse to scrape a
specific page in directory and emulate the content using index.aspx. Still
I get a challenge/response.
Code:
NetworkCredential netcCredential = new
NetworkCredential(this.UserName,this.Password,this.Domain);
CredentialCache credcCache = new CredentialCache();
Uri uriMail = new Uri("http://www.mysite.com/" + this.UserName + "/");
credcCache.Add(uriMail,"Ntlm",netcCredential);
WebRequest webRequest = WebRequest.Create(uriMail);
webRequest.Credentials = credcCache;
webRequest.PreAuthenticate = true;
// Screen scrape code goes here
----------------------------------------------------------------------------
---------------
3. GenericPrincipal. I've set the HttpContext.Current.User to the
impersonated windows user after authentication and still receive the
challenge/response.
Code:
GenericIdentity gpIdentity = new
GenericIdentity(widNewIdentity.Name,"Ntlm");
String[] userRoles = {"clientuser"};
HttpContext.Current.User = new GenericPrincipal(gpIdentity,userRoles);
----------------------------------------------------------------------------
---------------
The code above is pretty much verbatim from various sites and newsgroups.
What am I missing? Can I add authentication to the response headers for
each individual page? Do I need to?
I'll give my first born to someone that can help me find the answer!
Thanks!
Terry
- Next message: Kulwant: "Internet/Intranet Access"
- Previous message: YA: "Re: form based authentication and free pages"
- Next in thread: bruce barker: "Re: Authentication Nightmare"
- Reply: bruce barker: "Re: Authentication Nightmare"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
