Re: Windows Authentification against a list of users

From: Tom Johnson (tom_at_usa.net)
Date: 06/25/03


Date: Wed, 25 Jun 2003 12:47:10 -0400


Hello Joe

An internal reglement demand me to implement Nt security so i need to use
WindowsAuthentification. But a personnel idea is to save roles and groups in
the db instead of calling IT swat ;) to manage NT groups for to users so i
think that's better to store those info. in the db.

i'm building my custom GenericPrincipal in the
WindowsAuthentication_OnAuthenticate or in the
Application_AuthenticateRequest so i can retreive user info in the db but
the only things that i don't know is how to manage my invalid user.. i need
to inform them that they are not allowed in my apps. so i need to redirect
them to an invalid access page but i fall in a loop if i redirect them..
So i transfert them.. but i don't wan't to test against the db on all
request.. but i think that
i've no way to know if it's the first time that i test it.. because de
session
state is not load at this moment..

an idea?

thanks

"Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com> a écrit
dans le message de news:OhIGlZgODHA.2312@TK2MSFTNGP12.phx.gbl...
> One thing you might do would be to validate against a group in the domain
> your are authenticating against. Then, you could use the group name under
> the allow tag with the Roles attribute. You would be using the AD or
domain
> as your list of allowed users instead of your database though.
>
> If you absolutely need to validate against a database, you might consider
> using Forms authentication instead of Windows authentication and creating
> custom roles from your database. Another thing you might do would be to
> build a new GenericPrincipal object in the AuthenticateRequest event that
> contains role information from your database and then validate against
those
> roles in the web.config. That would allow you to combine Windows
> authentication with a custom database-based authorization scheme.
>
> There are lots of options. I hope this gives you some ideas.
>
> Joe K.
>
> "tom johnson" <tom@usa.net> wrote in message
> news:eHlXojeODHA.2228@tk2msftngp13.phx.gbl...
> > Hello all,
> >
> > i'm sure i'm not the only one that what to do that.
> > I want to use windows authentification for validate the
> > user password but i wan't to check if the user is a valid
> > user in my database.
> >
> > so i have this piece of code in my web.config
> > <authentication mode="Windows" />
> > <authorization>
> > <deny users="?" />
> > <allow users="*" />
> > </authorization>
> >
> > but for the validation against the db... i just don't know.
> >
> > can somebody give me a hint for the validation in db.
> > Just the where and how.... (for validation.. not for
> > access to db)
> >
> > I know that the list of users can be store in web.config
> > but i need a dynamic list of user so I store it in the db
> >
> > thanks... and have a nice day
> >
> >
>
>



Relevant Pages

  • Re: Sql Server Login
    ... firstly I was under the impression SQL authenticaiton will be better ... But now I know windows authentication is recommended. ... Now my application is ready and talking to this database in MSDE. ...
    (microsoft.public.sqlserver.msde)
  • Re: Authenticating domain users
    ... Is it a Web Application or a Windows ... network authentication based upon the model used. ... and now I want to access the database. ... > password be set to the the user's domain username and password? ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Windows Authentification against a list of users
    ... One thing you might do would be to validate against a group in the domain ... If you absolutely need to validate against a database, ... using Forms authentication instead of Windows authentication and creating ...
    (microsoft.public.dotnet.security)
  • Re: authentication
    ... Forms Authentication. ... My authentication is currently from my database. ... authentication options, for example, database, windows and ADSI. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Authorization question, w/ "Windows" authentication mode
    ... im familar w/ *forms* based authentication, ... all users use the windows network to login, ... bring up my webapp. ... which means a hit to the database to get the ...
    (microsoft.public.dotnet.framework.aspnet.security)