Re: Intranet and Integrated Windows Authentication

From: Joe H (jharri_at_hotmail.com)
Date: 06/23/04 

Date: Wed, 23 Jun 2004 11:05:32 -0500

how about turning on Integrated Windows Authentication. and then maintain a
user-list to the resources in the site that you require special access to?
this can be done on a page basis, or a function basis, or a "role" basis,
etc...

since this is an "intranet" the word "public" does not have the same
meaning, right? in other words, everybody on your network accessing your
intranet should be in active directory. and should therefore be accounted
for when they access ANY part of your intranet site.

"Andrew" <AndrewR2k1@hotmail.com> wrote in message
news:uEPoX6HWEHA.3024@TK2MSFTNGP09.phx.gbl...
> Hey all,
>
>
>
> I would like to preface my question by stating I am still learning ASP.net
> and while I am confident in the basics and foundation, the more advanced
> stuff is still a challenge. Ok. :)
>
>
>
> We are looking at redoing our entire Intranet, starting over from scratch,
> as a .Net website. Our current site has two separate sides, a public side
> for all viewers, and a secure side for those granted permission can access
> apps to update web info, databases, etc. In moving to .Net we would like
to
> use Integrated Windows Authentication with our pages. We will be putting
> the Intranet server under a Domain Controller where the users and user
info
> will be pulled from.
>
>
>
> We would like to have the pages similar to what you would see on eBay, or
> Amazon, or any number of Blog sites. That is, you can surf and view and
> bounce around all the pages, but unless you log in you cannot view your
> personal information. However, if you do log in, the public pages take on
> new buttons or links because those pages know who you are. In essence,
the
> public side and secure side merge into one, and page items turn on or off
> depending on your logged in status.
>
>
>
> I have Google'd on "integrated windows authentication" and, of course,
have
> found numerous websites. It is almost overwhelming. I found a few good
> articles here:
>
>
>
> Active Directory Authentication from ASP .NET
>
>
http://msdn.microsoft.com/library/en-us/sds/sds/active_directory_authentication_from_asp__net.asp
>
>
>
> Securing an ASP.Net application...
>
> http://www.dotnetjohn.com/articles.aspx?articleid=19
>
>
>
> HOW TO: Authenticate against the Active Directory by Using Forms
> Authentication and Visual Basic .NET
>
> http://support.microsoft.com/default.aspx?scid=kb;en-us;326340
>
>
>
> Developing Secure Web Sites with ASP.NET and IIS
>
> http://www.c-sharpcorner.com/Code/2003/March/SecureSiteWithASPNET.asp
>
>
>
> Windows Authentication in ASP.NET
>
> http://www.dotnetbips.com/displayarticle.aspx?id=10
>
>
>
> (Joe Kaplan (MVP - ADSI), if you read this, I also saw your postings
> recently on somewhat this subject in this newsgroup.)
>
>
>
> I am still having trouble interpreting and understanding all this
> information and now look to some of you to help possible translate it into
> English. The last URL above provided an example that shows how to use
> System.Security.Principal to determine the user name and authenticated
> status (which I have tested successfully). But this just pulls from the
> system when the user logged in after turning on the PC. The other URL's
> state that in an Intranet environment, IAW is the thing to use - which is
> where this is going. But I need to offer the ability for a user to log in
> and log out, and when not logged in they are set as "anonymous" - not just
> automatically pull system info. So this seems I need to use Forms
> Authentication? Looking at examples of Forms Authentication, at my level
of
> experience, are quite long, involved, and a bit over my head in their
> explanations. Do I use one over the other? Both together? Help?
>
>
>
> So, I am asking for some help here in understanding the .Net techniques to
> develop a website that uses Integrated Windows Authentication (using
Active
> Directory from a Domain Controller) to authenticate users, but requires
> users to log in, and allows them to log out. I can control the visual
> changes on the page(s), I just need help on the log-in/log-out, security,
> authentication part of it.
>
>
>
> Your comments, suggestions, tips, and other input are gladly accepted and
> appreciated. Oh, and in VB.net if possible please, though I turn away
> nothing. :)
>
>
>
> -- Andrew
>
>