Impersonation with Forms Authentication
From: Paul Gregory via DotNetMonster.com (forum_at_DotNetMonster.com)
Date: 03/25/05
- Previous message: Todd M. Taylor: "Multiple Roles with Multiple Clients"
- Next in thread: Naveen K Kohli: "Re: Impersonation with Forms Authentication"
- Reply: Naveen K Kohli: "Re: Impersonation with Forms Authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 25 Mar 2005 19:51:07 GMT
Can anybody help, I?m pretty new to .NET but followed the instructions for
the following.
How to authenticate against the Active Directory by using forms
authentication and Visual Basic .NET
http://support.microsoft.com/default.aspx?scid=kb;en-us;326340
Got the authentication working but when redirected from the login page to
the requested form ?WebForm1.aspx? I can?t get any scripts to run in the
context of the authenticated user.
E.G I bind to Active Directory and try deleting a user, I get a ?General
Access Denied? error. Even though Context.User.Identity.Name displays the
name of the logged in user, the code is still using the credentials of the
anonymous account that has only read permissions to ads. When I change
this account to one with more permissions it works fine.
How can I run scripts (e.g.) ADSI that uses the credentials of the user I
logged in with, I thought this was the idea.
All the code is the same as in the above link except the modified code for
WebForm1.aspx that has the adsi script.
<%@ Page language="vb" AutoEventWireup="false"
CodeBehind="WebForm1.aspx.vb" Inherits="FormsAuthAd.WebForm1" %>
<%@ Import Namespace="System.Security.Principal" %>
<HTML>
<body>
<form id="Form1" method="post" runat="server">
<P>
<asp:Label ID="lblName" Runat="server" /><br>
<asp:Label ID="lblAuthType" Runat="server" /></P>
<P>
<asp:Label id="Label1" runat="server">Label</asp:Label></P>
</form>
<script runat="server">
sub Page_Load(sender as object, e as EventArgs)
lblName.Text = "Hello " + Context.User.Identity.Name & "."
lblAuthType.Text = "You were authenticated using " &
Context.User.Identity.AuthenticationType & "."
end sub
</script>
<%
Dim ObjOU as Object
objOU = GetObject("LDAP://ou=hr,dc=fabrikam,dc=com")
objOU.Delete "user", "cn=MyerKen"
%>
End
</body>
</HTML>
Alternatively is there a way of getting the password from the encrypted
authentication ticket in the cookie generated. I could use this with the
OpenDSObject method to bing to ADS with the new credentials.
-- Message posted via http://www.dotnetmonster.com
- Previous message: Todd M. Taylor: "Multiple Roles with Multiple Clients"
- Next in thread: Naveen K Kohli: "Re: Impersonation with Forms Authentication"
- Reply: Naveen K Kohli: "Re: Impersonation with Forms Authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
