Re: Using WindowsTokenRoleProvider with Forms Authentication ...

I don't, but post the question on the message board at
www.directoryprogramming.net and I'm sure Ryan will respond directly.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Naraendirakumar R.R." <nospam@xxxxxxxxxx> wrote in message
news:%23sL$Zr8UIHA.6060@xxxxxxxxxxxxxxxxxxxxxxx
Hi Joe:
Thank you for responding.

I can't seem to located the code you are referring to on codeplex. Would
you happen to have a link handy?

Cheers,
-Naraen
http://naraen.spaces.live.com


"Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:ODKpS%235UIHA.5508@xxxxxxxxxxxxxxxxxxxxxxx
You might want to check out Ryan Dunn's LDAP-based AD role provider on
CodePlex. It works as a nice compliment to the AD membership provider.

Another option is to use protocol transition logon (new
WindowsIdentity(upnString)) to generate a token for the authenticated
user using their UPN and then perform role checks against that. However,
that requires 2003+ web servers and a 2003 native mode AD forest.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
"Dominick Baier" <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:8e6a913a1b66b8ca218b69669fc0@xxxxxxxxxxxxxxxxxxxxx
thats true.


-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications
(http://www.microsoft.com/mspress/books/9989.asp)

Hi:
Has anybody managed to do this? We have setup forms authentication
to
validate against AD. We'd like to use AD for roles based
authorization.
The documentation on ASP.NET leads me to believe
WindowsTokenRoleProvider is possible only if I use Integrated Windows
Authentication?

Thank you for your help.

Cheers,
-Naraen
http://naraen.spaces.live.com








.

Relevant Pages

  • Re: login control blues
    ... you really don't want to use S.DS for authentication. ... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... a pre-compiled dll. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Calling NetUserGetInfo from ASP.NET app
    ... Also, when using basic auth, you aren't really using Kerberos delegation ... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... Not sure if I like this method, but I switched to basic authentication ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Web Single Sign On
    ... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... current Windows credentials to the server, ... This common identity is the user's username used to logon to the ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Changing ADAM user password
    ... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... Running the bind from another W2K3SP1 machine ... support in digest or something like that. ...
    (microsoft.public.windows.server.active_directory)
  • Re: ASP.net authentication from external LDAP server
    ... Do you want to do forms authentication? ... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ...
    (microsoft.public.dotnet.framework.aspnet.security)