Authentication question
From: Boyan Dimitrov (boyan@netagesolutions.com)
Date: 11/06/02
- Next message: Patrick C. Cole: "RE: Registry key read fail."
- Previous message: Ulrich Margull: "Re: Security hole with ASP.NET URL rewriting?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Boyan Dimitrov" <boyan@netagesolutions.com> Date: Wed, 6 Nov 2002 15:45:52 +0200
Hi,
I'm developing an intranet application using asp.net. I have a web service
and a client. I use window authentication for logging. Here is a sample
code:
srvcProtocol srvc = new srvcProtocol();
if ( ! srvc.VerifyUser( User.Identity.Name ) )
{
text1.Text = "User was not verified !";
}
VerifyUser routines compares domain name account value with a field of my
db. If such value exists in the DB user is authenticated.
Here is what I cann't do. If authorization fails I want an authentication
header "WWW-authenticate" to be displayed. This header has two edit boxes
and allows to the user to log with different domain account. This header is
the same dialog that widows dispays when a user tries to connect to the
computer in the net on which currently is logged somebody else.
For example on machine
"Test1" NTUSER\test1 is logged. Now NTUSER\test2 comes to his machine.
NTUSER\test2 needs access to his c disk on machine "Test2". So he wirtes in
windows explorer:
Test2\c$
So if NTUSER\test1 rights are insuficient an authorization dialog box is
displayed. I want to show this authorization box in my intranet application
in same circumstances.
10x in advance
Boyan
- Next message: Patrick C. Cole: "RE: Registry key read fail."
- Previous message: Ulrich Margull: "Re: Security hole with ASP.NET URL rewriting?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
