Re: <authentication mode="Windows" /> Question
From: Mike Shaw [MS] (mikeshaw@online.microsoft.com)
Date: 10/27/02
- Next message: John: "User Class"
- Previous message: Mike Shaw [MS]: "Re: write to event log"
- In reply to: Craig: "Re: <authentication mode="Windows" /> Question"
- Next in thread: Craig: "Re: <authentication mode="Windows" /> Question"
- Reply: Craig: "Re: <authentication mode="Windows" /> Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Mike Shaw [MS]" <mikeshaw@online.microsoft.com> Date: Sat, 26 Oct 2002 23:05:44 +0100
Hi Craig
Because you are not impersonating, you will not need to change any of the
access permissions - all ACL checks will be against the account the asp.net
worker process is using.
Is the name of the WindowsIdentity as you expect when the other user
connects to your site? You may need to check the IIS vroot of your
application's security configuration has the Anonymous option unchecked.
-- Mike Shaw .NET Developer Group, UK This posting is provided "AS IS" with no warranties, and confers no rights. You assume all risk for your use. © 2002 Microsoft Corporation. All rights reserved. "Craig" <craig@compete.com.au> wrote in message news:59de01c27af4$38409280$39ef2ecf@TKMSFTNGXA08... Hi Mike A couple of issues which messed me up a bit. Firstly I needed to log off the network to pick up the new group. Secondly I needed to be case sensitive which the DOMAN\GroupName. And a realted question, another user is also in the group I set up (he has logged off and back onto the network); when he connects to my machine to access the web site, the IsInRole(DOMAIN\GroupName) returns false. Do I need to do allow the DOMAIN\GroupName permission to the physical web folder? Craig >-----Original Message----- >Hi Craig > >It looks like what your are doing is corrrect, but sometimes you can get >caught out by the syntax of the string for the role you are testing for. >When you are looking for a domain based group membership, you need to use a >capitalised identity for the domain name. For example: @"MYDOMAIN\mygroup" > >The text and case have to be identicle since the comparisson is done via a >hashtable and different cases in the test string will result in different >hash values. > >-- >Mike Shaw >..NET Developer Group, UK > >This posting is provided "AS IS" with no warranties, and confers no rights. >You assume all risk for your use. © 2002 Microsoft Corporation. All rights >reserved. > >"Craig" <craig@compete.com.au> wrote in message >news:b41801c27a3a$77dc18c0$35ef2ecf@TKMSFTNGXA11... >> Hi >> >> I have a intranet web app where I need to check the role >> information of the windows user. I have set up a role in >> the domain and added me, a domain user to it. When I >> execute the IsInRole() method, the return value is >> false. >> >> The intention is to allow all authenicated users to >> access the site, users who are in the specified domain >> role have access to admin type features of the site. >> >> Here is my sample code for the page: >> >> WindowsPrincipal wp = (WindowsPrincipal) >> HttpContext.Current.User; >> if(wp.IsInRole("myDomainRole")) { >> // user in role >> } >> >> --- >> >> Here is the relevant web.config section: >> >> <authentication mode="Windows" /> >> <identity impersonate="false" /> >> >> In machine.config, I have left the processModel as is - >> default. >> >> --- >> >> In IIS, I have set the virtual web authentication methods >> to 'only' Integrate Windows authenication, the other >> checkboxes are unchecked. >> >> I would greatly appreciate any help in configuring this, >> as I have tired all sorts of ways to make this work. >> >> Regards >> >> Craig > > >. >
- Next message: John: "User Class"
- Previous message: Mike Shaw [MS]: "Re: write to event log"
- In reply to: Craig: "Re: <authentication mode="Windows" /> Question"
- Next in thread: Craig: "Re: <authentication mode="Windows" /> Question"
- Reply: Craig: "Re: <authentication mode="Windows" /> Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
