Re: How to capture network login using ASP.NET

Thanks Nicole for your reply.

Some modules of the application are supposed to be accessed externally.
So I am trying to avoid two things. The nuisance caused by login and
having two instances of the application.

Is it possible to acheive that?

Thanks

Nicole Calinoiu wrote:
You'll need to disable anonymous access to the home page if you wish the
client user's to be authenticated on that page. If you're running an
intranet application, there's usually little reason not to do this.
However, if your application is meant to be used by external users, this may
cause problems for users that either do not have accounts on your network or
for whom logging in to view the home page might be seen as a nuisance.


<mchemsi@xxxxxxxxx> wrote in message
news:1167801132.364785.272350@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hello,

I'm currently maintaining an ASP.NET application with not much
knowledge about .NET. So any help would be greatly appreciated.

The application is access internally and has different modules in it,
most modules are available to all users. However, some should be only
available to paticular users (like the admin section).

Web Application:
|----->Module 1
|----->Module 2
|----->Module 3
|----->Module 4
|----->Admin Module (Need to be restricted based on network id)

Currently, the home page does not have any menu link to the admin
section and if you know the path you can access without a problem. I am
trying to avoid using a web form to login to that section and use the
network login as an authentication.

I would like to add a link in the menu to the admin module and make
visible only if USER1 for an example is accessing the page.

I have tried using
System.Security.Principal.WindowsIdentity.GetCurrent().Name but i get
the IUSR... accout on the server. I also tried
HttpContext.Current.User.Identity.Name but that does not return
anything.

THE ENVIRONMENT:
- Novell Network (Webserver without Novell client).
- Web App Setting:
+ Anonymous Access is enabled
+ Integrated Windows Authentication is checked.
- Web Config Setting:
+ <authentication mode="Windows" />
+ <identity impersonate="true" />
+ <authorization> <allow users="*" /> </authorization>

Thanks in advance.

Cheers,

Mehdi Chemsi


.

Relevant Pages

  • Re: Workstation Locked out!
    ... to the network if you are logged in as a domain admin. ... network try establishing connection first or something like that. ... Now I cannot login. ...
    (microsoft.public.windows.server.sbs)
  • Re: how to start a program with a specific ID and allow to interact with desktop
    ... > Microsoft Certified Professional ... when I login on XP a as admin, ... other uses in the XP network can not connect to the ...
    (microsoft.public.windowsxp.configuration_manage)
  • Re: how to start a program with a specific ID and allow to interact with desktop
    ... | connect with the legacy client.. ... when I login on XP a as admin, the system tray does not show ... other uses in the XP network can not connect to the ...
    (microsoft.public.windowsxp.configuration_manage)
  • Re: passwork no longer works after change domain to workgroup
    ... Take the computer back to the network where the domain is, and ask the admin ... > welcome login menu, I can login ABC with password XXX. ... > no longer can login with username ABC with password XXX. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: priviledge escalation techniques
    ... you've all the tools you need, and you can install additional ones (to ... If I press that BEFORE login, a CLI as SYSTEM is started, I can launch ... If the network is switched, perhaps you need an ARP poisoning tool. ... switches) in such a way that you can fool an ARP poisoning attempt. ...
    (Pen-Test)