Authenticate user is in local NT group

Discussion in 'ASP .Net Security' started by Bob, Nov 18, 2005.

  1. Bob

    Bob Guest

    I have an IIS server (Windows Server 2003) on an NT domain. I have an ASPX
    page (using C# and .NET 2.0) which queries a bunch of files (an index server
    query) and then displays links of the matching files to the user. The links
    are network UNC paths into the same server. The share is secured by a local
    NT group which I can populate with domain NT groups and users.

    However, though the files themselves are protected, any user can go to the
    query page and submit a query (even though they cannot see the file
    contents). Basically I need a way to determine if the user (anonymous users
    are disabled) is within the local NT group I have created. Currently to
    perform this authentication I simply try to open a known file on the share
    within the ASPX page (the server is impersonating the user). If the file
    open fails, then the user is not authenticated. Though this has been
    working fine, I would like to write C# in the ASPX page which authenticates
    the user "the right way."

    Can somebody please tell me what is the correct ASPX method for
    authenticating the current user in a local NT group?

    Thanks
     
    Bob, Nov 18, 2005
    #1
    1. Advertising

  2. Hello Bob,

    simply call Page.User.IsInRole("MachineName\GroupName");

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > I have an IIS server (Windows Server 2003) on an NT domain. I have an
    > ASPX page (using C# and .NET 2.0) which queries a bunch of files (an
    > index server query) and then displays links of the matching files to
    > the user. The links are network UNC paths into the same server. The
    > share is secured by a local NT group which I can populate with domain
    > NT groups and users.
    >
    > However, though the files themselves are protected, any user can go to
    > the query page and submit a query (even though they cannot see the
    > file contents). Basically I need a way to determine if the user
    > (anonymous users are disabled) is within the local NT group I have
    > created. Currently to perform this authentication I simply try to
    > open a known file on the share within the ASPX page (the server is
    > impersonating the user). If the file open fails, then the user is not
    > authenticated. Though this has been working fine, I would like to
    > write C# in the ASPX page which authenticates the user "the right
    > way."
    >
    > Can somebody please tell me what is the correct ASPX method for
    > authenticating the current user in a local NT group?
    >
    > Thanks
    >
     
    Dominick Baier [DevelopMentor], Nov 18, 2005
    #2
    1. Advertising

  3. Bob

    Bob Guest

    Wow that worked perfectly! Thank you so much Dominick!


    "Dominick Baier [DevelopMentor]" <>
    wrote in message news:...
    > Hello Bob,
    >
    > simply call Page.User.IsInRole("MachineName\GroupName");
    >
    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
    >> I have an IIS server (Windows Server 2003) on an NT domain. I have an
    >> ASPX page (using C# and .NET 2.0) which queries a bunch of files (an
    >> index server query) and then displays links of the matching files to
    >> the user. The links are network UNC paths into the same server. The
    >> share is secured by a local NT group which I can populate with domain
    >> NT groups and users.
    >>
    >> However, though the files themselves are protected, any user can go to
    >> the query page and submit a query (even though they cannot see the
    >> file contents). Basically I need a way to determine if the user
    >> (anonymous users are disabled) is within the local NT group I have
    >> created. Currently to perform this authentication I simply try to
    >> open a known file on the share within the ASPX page (the server is
    >> impersonating the user). If the file open fails, then the user is not
    >> authenticated. Though this has been working fine, I would like to
    >> write C# in the ASPX page which authenticates the user "the right
    >> way."
    >>
    >> Can somebody please tell me what is the correct ASPX method for
    >> authenticating the current user in a local NT group?
    >>
    >> Thanks
    >>

    >
    >
     
    Bob, Nov 18, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mae
    Replies:
    1
    Views:
    325
    Natty Gur
    Jul 7, 2003
  2. =?Utf-8?B?Um9ja3k=?=

    How to Add a domain user to a local user group

    =?Utf-8?B?Um9ja3k=?=, Dec 30, 2005, in forum: ASP .Net
    Replies:
    0
    Views:
    627
    =?Utf-8?B?Um9ja3k=?=
    Dec 30, 2005
  3. andres
    Replies:
    1
    Views:
    5,339
    dgoyani
    Oct 23, 2007
  4. Chad Dressler
    Replies:
    0
    Views:
    674
    Chad Dressler
    Dec 30, 2006
  5. soler
    Replies:
    0
    Views:
    258
    soler
    May 25, 2006
Loading...

Share This Page