Re: Impersonation with Forms Authentication
From: Naveen K Kohli (naveenkohli_at_hotmail.com)
Date: 03/26/05
- Next message: Steven K0: "Newbie: NT Authentication"
- Previous message: Paul Glavich [MVP ASP.NET]: "Re: Web forms authentication, should I use it?"
- In reply to: Paul Gregory via DotNetMonster.com: "Impersonation with Forms Authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 26 Mar 2005 09:00:10 -0500
See if this helps..
http://www.netomatix.com/ImpersonateUser.aspx
Naveen K Kohli
"Paul Gregory via DotNetMonster.com" <forum@DotNetMonster.com> wrote in
message news:9fd408da4f404d81946d564d0fb685fc@DotNetMonster.com...
> Can anybody help, I?m pretty new to .NET but followed the instructions for
> the following.
>
> How to authenticate against the Active Directory by using forms
> authentication and Visual Basic .NET
>
> http://support.microsoft.com/default.aspx?scid=kb;en-us;326340
>
> Got the authentication working but when redirected from the login page to
> the requested form ?WebForm1.aspx? I can?t get any scripts to run in the
> context of the authenticated user.
> E.G I bind to Active Directory and try deleting a user, I get a ?General
> Access Denied? error. Even though Context.User.Identity.Name displays the
> name of the logged in user, the code is still using the credentials of the
> anonymous account that has only read permissions to ads. When I change
> this account to one with more permissions it works fine.
> How can I run scripts (e.g.) ADSI that uses the credentials of the user I
> logged in with, I thought this was the idea.
> All the code is the same as in the above link except the modified code for
> WebForm1.aspx that has the adsi script.
>
> <%@ Page language="vb" AutoEventWireup="false"
> CodeBehind="WebForm1.aspx.vb" Inherits="FormsAuthAd.WebForm1" %>
> <%@ Import Namespace="System.Security.Principal" %>
> <HTML>
> <body>
> <form id="Form1" method="post" runat="server">
> <P>
> <asp:Label ID="lblName" Runat="server" /><br>
> <asp:Label ID="lblAuthType" Runat="server" /></P>
> <P>
> <asp:Label id="Label1" runat="server">Label</asp:Label></P>
> </form>
> <script runat="server">
> sub Page_Load(sender as object, e as EventArgs)
> lblName.Text = "Hello " + Context.User.Identity.Name & "."
> lblAuthType.Text = "You were authenticated using " &
> Context.User.Identity.AuthenticationType & "."
>
> end sub
> </script>
>
> <%
>
> Dim ObjOU as Object
>
> objOU = GetObject("LDAP://ou=hr,dc=fabrikam,dc=com")
>
> objOU.Delete "user", "cn=MyerKen"
>
> %>
>
> End
> </body>
> </HTML>
>
> Alternatively is there a way of getting the password from the encrypted
> authentication ticket in the cookie generated. I could use this with the
> OpenDSObject method to bing to ADS with the new credentials.
>
> --
> Message posted via http://www.dotnetmonster.com
- Next message: Steven K0: "Newbie: NT Authentication"
- Previous message: Paul Glavich [MVP ASP.NET]: "Re: Web forms authentication, should I use it?"
- In reply to: Paul Gregory via DotNetMonster.com: "Impersonation with Forms Authentication"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
