RE: Intranet Windows Auth and Forms
From: Bassel Tabbara [MSFT] (basselt_at_online.microsoft.com)
Date: 04/28/03
- Next message: cmoore: "Re: secure pdf files"
- Previous message: Isaac B S: "asp.net security and ports"
- In reply to: dave: "RE: Intranet Windows Auth and Forms"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 28 Apr 2003 21:16:14 GMT
Hello Dave,
Your choice is what I was trying to explain in my solution. It is the best
solution since you will benefit from both authentication method;
windows and forms authentication. I didn't understand by what you mean your
users will be prompted twice. It shouldn't since you have Windows
authentication for intranet users and Forms authentication for internet
users. In Windows Authentication you will be able to retrieve the Username
that
is being authenticated. Your choice is the best one and if you have any
further questions, please let me know.
Thanks,
Bassel Tabbara
Microsoft, ASP.NET
This posting is provided "AS IS", with no warranties, and confers no rights.
--------------------
| Content-Class: urn:content-classes:message
| From: "dave" <dy@onlinelg.com>
| Sender: "dave" <dy@onlinelg.com>
| References: <071601c30b35$1a2747e0$a301280a@phx.gbl>
<ZmBh1PADDHA.2664@cpmsftngxa06.phx.gbl>
| Subject: RE: Intranet Windows Auth and Forms
| Date: Mon, 28 Apr 2003 06:18:52 -0700
| Lines: 32
| Message-ID: <031b01c30d88$b650d550$3001280a@phx.gbl>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="iso-8859-1"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
| Thread-Index: AcMNiLZOBd4BYfO4TBKG4Nsc84PVLQ==
| Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| Path: cpmsftngxa06.phx.gbl
| Xref: cpmsftngxa06.phx.gbl
microsoft.public.dotnet.framework.aspnet.security:4946
| NNTP-Posting-Host: TK2MSFTNGXA03 10.40.1.48
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
|
| Thank you for providing your thoughts/efforts. I have
| seen this post online and was evaluating it for a couple
| days prior to my post in this newsgroup. Your solution
| has two problems for me.
|
| 1) In the particular case where the user is not in AD,
| they will be prompted by a dialog box for
| username/password. This user will try multiple times
| with this dialog prior to being pushed to another page
| asking them to register. In my opinion, this is
| unacceptable as we are forcing an uneducated user to try
| multiple times and then ask them once more. My users
| would not understand this.
|
| 2) In the code that you provided I am still unable to
| retrieve the identity (username) of the logged in user
| even though they may be authenticated. Unless the
| web.config authentication method is identified as Windows
| i cannot get the "logon user" variable. So this posses
| additional problems for me.
|
| It appears that my only choice is to have 2 sites on my
| intranet. 1) that does windows authentication (where I
| can retrieve username/domain) and let them in
| 2) and another that does pure Forms authentication where
| I can explain that "domain/user" cannot be authenticated
| and therefore must "register" for access.
|
| thoughts?
|
| thank you for your time
| dave
|
- Next message: cmoore: "Re: secure pdf files"
- Previous message: Isaac B S: "asp.net security and ports"
- In reply to: dave: "RE: Intranet Windows Auth and Forms"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
