Re: newbie help - Active Directory Membership Provider
- From: SpaceMarine <spacemarine@xxxxxxxxxxxxxx>
- Date: Wed, 21 May 2008 11:46:30 -0700 (PDT)
On May 21, 12:14 am, "Joe Kaplan"
<joseph.e.kap...@xxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Basically, I was just trying to say that there is no role provider that
comes with ASP.NET that works with AD groups by default except for the
WindowsTokenRoleProvider, but that provider requires that you use
Windows/IIS for authentication instead of forms auth.
...
If you don't need the AD group for authorization, then you can use whatever
role provider you want.
I hope that clarifies what I was trying to say. :)
not sure yet! i guess what i'm trying to understand is whether one can
use *both* of these:
1) the user's AD group, which im getting automatically now from the
Integrated Windows Authentication's User object --
User.IsInRole("MyHighLevelGroup") -- as a rudimentary authororization
role. and then
2) another db-based membership provider, for my app-specific roles;
such as "ReadOnly", "SearchOnly", "FullAccess", etc..
...in this way I can do rudimentary filtering out based on AD group,
and perform more granular control w/i my app's custom roles, which i
can store in our app db.
make sense?
thanks,
sm
.
- References:
- newbie help - Active Directory Membership Provider
- From: SpaceMarine
- Re: newbie help - Active Directory Membership Provider
- From: SpaceMarine
- Re: newbie help - Active Directory Membership Provider
- From: Joe Kaplan
- Re: newbie help - Active Directory Membership Provider
- From: SpaceMarine
- Re: newbie help - Active Directory Membership Provider
- From: Joe Kaplan
- newbie help - Active Directory Membership Provider
- Prev by Date: Re: VPN & Windows authentication
- Next by Date: Re: VPN & Windows authentication
- Previous by thread: Re: newbie help - Active Directory Membership Provider
- Next by thread: WindowsIdentity Question
- Index(es):
Relevant Pages
|
