Re: Authenticate user is in local NT group

From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 11/18/05

  • Next message: Bob: "Re: Authenticate user is in local NT group"
    Date: Thu, 17 Nov 2005 16:25:38 -0800
    
    

    Hello Bob,

    simply call Page.User.IsInRole("MachineName\GroupName");

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > I have an IIS server (Windows Server 2003) on an NT domain. I have an
    > ASPX page (using C# and .NET 2.0) which queries a bunch of files (an
    > index server query) and then displays links of the matching files to
    > the user. The links are network UNC paths into the same server. The
    > share is secured by a local NT group which I can populate with domain
    > NT groups and users.
    >
    > However, though the files themselves are protected, any user can go to
    > the query page and submit a query (even though they cannot see the
    > file contents). Basically I need a way to determine if the user
    > (anonymous users are disabled) is within the local NT group I have
    > created. Currently to perform this authentication I simply try to
    > open a known file on the share within the ASPX page (the server is
    > impersonating the user). If the file open fails, then the user is not
    > authenticated. Though this has been working fine, I would like to
    > write C# in the ASPX page which authenticates the user "the right
    > way."
    >
    > Can somebody please tell me what is the correct ASPX method for
    > authenticating the current user in a local NT group?
    >
    > Thanks
    >


  • Next message: Bob: "Re: Authenticate user is in local NT group"