Re: Does 'IsInRole()' check against Active Directory groups?
From: Joe Kaplan \(MVP - ADSI\) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 08/30/05
- Previous message: WJ: "Re: Security Warning"
- In reply to: Craig Vedur: "Re: Does 'IsInRole()' check against Active Directory groups?"
- Next in thread: Pat: "Re: Does 'IsInRole()' check against Active Directory groups?"
- Reply: Pat: "Re: Does 'IsInRole()' check against Active Directory groups?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 29 Aug 2005 23:11:10 -0500
Yes, definitely use the built in stuff if you can.
Generally, people do forms auth against AD if there is a technical or policy
problem with making the web server a domain member or someone really wants
forms auth and wants to torture their devs. The Ldap-based
MembershipProvider thing in .NET 2.0 should simplify this more though.
Joe K.
"Craig Vedur" <CraigVedur@discussions.microsoft.com> wrote in message
news:7B224F7E-EFE1-44D8-A1AE-72469411E086@microsoft.com...
> Thanks Joe, this worked. I have another question.
>
> Initially, i had a login page on my app and used
> System.DirectoryServices.dll to query AD to authenticate a user / pass.
>
> However, it appears that .NET handles this all for me if i disable
> anonymous
> access and use the integerated windows auth. Is this true?
>
> My app poped up a login screen for user / pass / domain.
>
>
>
> "Joe Kaplan (MVP - ADSI)" wrote:
>
>> Yes. It depends on how users are being authenticated by IIS and how you
>> have ASP.NET configured, but if your web server is a member of a domain
>> that
>> can authenticate users in your target domain and you have ASP.NET
>> configured
>> for Windows authentication, IsInRole will answer true/false for the
>> user's
>> domain groups.
>>
>> Joe K.
>>
>> "Craig Vedur" <CraigVedur@discussions.microsoft.com> wrote in message
>> news:A0DE7A20-1473-4EF8-A550-977974314D94@microsoft.com...
>> >I need to build in some role authentication for a web app... so,
>> >going
>> >to
>> > use the web.config to build my rules for the location files.
>> >
>> > my question is.. does anyone know?
>> >
>> > on my development box (out of work), i'm out XP Pro... and i've
>> > created
>> > some groups and users to test it...
>> >
>> > in the real deal, it's going to be Win 2003 Server using Active
>> > Directory..... Obviously, i dont have AD on XP Pro..... Is it the
>> > same
>> > thing? Will it work the same?
>> >
>> > Will web.config be able to recognize the groups that a user belongs to
>> > to
>> > correctly authorize viewing a page based on role authentication?
>> >
>> >
>> > So, will IsInRole() check against groups created in Active Directory on
>> > Win2003 Server?
>>
>>
>>
- Previous message: WJ: "Re: Security Warning"
- In reply to: Craig Vedur: "Re: Does 'IsInRole()' check against Active Directory groups?"
- Next in thread: Pat: "Re: Does 'IsInRole()' check against Active Directory groups?"
- Reply: Pat: "Re: Does 'IsInRole()' check against Active Directory groups?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
