Re: Windows Authentification against a list of users

From: Joe Kaplan \(MVP - ADSI\) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 06/24/03 

Date: Mon, 23 Jun 2003 23:09:21 -0500

One thing you might do would be to validate against a group in the domain
your are authenticating against. Then, you could use the group name under
the allow tag with the Roles attribute. You would be using the AD or domain
as your list of allowed users instead of your database though.

If you absolutely need to validate against a database, you might consider
using Forms authentication instead of Windows authentication and creating
custom roles from your database. Another thing you might do would be to
build a new GenericPrincipal object in the AuthenticateRequest event that
contains role information from your database and then validate against those
roles in the web.config. That would allow you to combine Windows
authentication with a custom database-based authorization scheme.

There are lots of options. I hope this gives you some ideas.

Joe K.

"tom johnson" <tom@usa.net> wrote in message
news:eHlXojeODHA.2228@tk2msftngp13.phx.gbl...
> Hello all,
>
> i'm sure i'm not the only one that what to do that.
> I want to use windows authentification for validate the
> user password but i wan't to check if the user is a valid
> user in my database.
>
> so i have this piece of code in my web.config
> <authentication mode="Windows" />
> <authorization>
> <deny users="?" />
> <allow users="*" />
> </authorization>
>
> but for the validation against the db... i just don't know.
>
> can somebody give me a hint for the validation in db.
> Just the where and how.... (for validation.. not for
> access to db)
>
> I know that the list of users can be store in web.config
> but i need a dynamic list of user so I store it in the db
>
> thanks... and have a nice day
>
>

Relevant Pages