Authentication 101

Discussion in 'ASP .Net Security' started by Guest, Mar 3, 2005.

  1. Guest

    Guest Guest

    Hi All

    I am new to .NET, this could be a very basic question
    I would like to write a login page to capture username / password, and then
    use window authentication to authenticate the user. I have done some
    readings and come across with IPrinciple, WindowPrinciple .... but can
    someone show me some sample code or a pointer to a documentation showing
    some sample code, on what exactly to be used to perform a basic
    authentication?

    Thankyou very much.
    dl

    --
    Guest, Mar 3, 2005
    #1
    1. Advertising

  2. Windows authentication is designed to work with the built-in browser
    features to do authentication, not forms authentication. If you need to,
    you can write your own forms authentication provider to do so, but you'll
    have to do a lot of extra work to get this. Is it really necessary?

    I'd suggest using the LogonUser API or SSPI to create a WindowsPrincipal
    based on a username and password. Both of those will require p/invoke code
    though. There are numerous samples available online.

    Joe K.

    <dl> wrote in message news:...
    > Hi All
    >
    > I am new to .NET, this could be a very basic question
    > I would like to write a login page to capture username / password, and
    > then
    > use window authentication to authenticate the user. I have done some
    > readings and come across with IPrinciple, WindowPrinciple .... but can
    > someone show me some sample code or a pointer to a documentation showing
    > some sample code, on what exactly to be used to perform a basic
    > authentication?
    >
    > Thankyou very much.
    > dl
    >
    > --
    >
    >
    >
    Joe Kaplan \(MVP - ADSI\), Mar 3, 2005
    #2
    1. Advertising

  3. Guest

    jyjohnson Guest

    Perhaps this will work:
    http://www.codeproject.com/aspnet/ASPdotnet_LoginControl.asp

    "dl" wrote:

    > Hi All
    >
    > I am new to .NET, this could be a very basic question
    > I would like to write a login page to capture username / password, and then
    > use window authentication to authenticate the user. I have done some
    > readings and come across with IPrinciple, WindowPrinciple .... but can
    > someone show me some sample code or a pointer to a documentation showing
    > some sample code, on what exactly to be used to perform a basic
    > authentication?
    >
    > Thankyou very much.
    > dl
    >
    > --
    >
    >
    >
    >
    jyjohnson, Mar 3, 2005
    #3
  4. Guest

    Guest Guest

    Thanks.
    After test driving a sample window authentication, I found I would need the
    form authentication instead, but can I do it using LDAP ...?

    /dl
    "Joe Kaplan (MVP - ADSI)" <> wrote
    in message news:%...
    > Windows authentication is designed to work with the built-in browser
    > features to do authentication, not forms authentication. If you need to,
    > you can write your own forms authentication provider to do so, but you'll
    > have to do a lot of extra work to get this. Is it really necessary?
    >
    > I'd suggest using the LogonUser API or SSPI to create a WindowsPrincipal
    > based on a username and password. Both of those will require p/invoke

    code
    > though. There are numerous samples available online.
    >
    > Joe K.
    >
    > <dl> wrote in message news:...
    > > Hi All
    > >
    > > I am new to .NET, this could be a very basic question
    > > I would like to write a login page to capture username / password, and
    > > then
    > > use window authentication to authenticate the user. I have done some
    > > readings and come across with IPrinciple, WindowPrinciple .... but can
    > > someone show me some sample code or a pointer to a documentation showing
    > > some sample code, on what exactly to be used to perform a basic
    > > authentication?
    > >
    > > Thankyou very much.
    > > dl
    > >
    > > --
    > >
    > >
    > >

    >
    >
    Guest, Mar 4, 2005
    #4
  5. Do you want a WindowsPrincipal or are you ok with some type of generic
    IPrincipal? If generic is ok, then you can just use LDAP. I'd still
    suggest going the other route if you can, but that is up to you.

    A quick Google search for Forms authentication and LDAP should turn up some
    of the MS samples. They are not great, but they should get you started.

    I still don't understand what's so important about forms authentication, but
    I guess some people really want that in their applications. I'd rather not
    have all the extra code to worry about if I don't need it, but that's just
    me I guess.

    Joe K.

    <dl> wrote in message news:...
    > Thanks.
    > After test driving a sample window authentication, I found I would need
    > the
    > form authentication instead, but can I do it using LDAP ...?
    >
    > /dl
    > "Joe Kaplan (MVP - ADSI)" <> wrote
    > in message news:%...
    >> Windows authentication is designed to work with the built-in browser
    >> features to do authentication, not forms authentication. If you need to,
    >> you can write your own forms authentication provider to do so, but you'll
    >> have to do a lot of extra work to get this. Is it really necessary?
    >>
    >> I'd suggest using the LogonUser API or SSPI to create a WindowsPrincipal
    >> based on a username and password. Both of those will require p/invoke

    > code
    >> though. There are numerous samples available online.
    >>
    >> Joe K.
    >>
    >> <dl> wrote in message news:...
    >> > Hi All
    >> >
    >> > I am new to .NET, this could be a very basic question
    >> > I would like to write a login page to capture username / password, and
    >> > then
    >> > use window authentication to authenticate the user. I have done some
    >> > readings and come across with IPrinciple, WindowPrinciple .... but can
    >> > someone show me some sample code or a pointer to a documentation
    >> > showing
    >> > some sample code, on what exactly to be used to perform a basic
    >> > authentication?
    >> >
    >> > Thankyou very much.
    >> > dl
    >> >
    >> > --
    >> >
    >> >
    >> >

    >>
    >>

    >
    >
    Joe Kaplan \(MVP - ADSI\), Mar 4, 2005
    #5
  6. Guest

    JYJ Guest

    Joe -- Per a previous post, I can't create a new thread to use the
    user's identity (I think it is always using the aspnet service account
    identity). This thread needs to run a long-running process ( ~5
    minutes) and then write some files out to a share on another server. If
    I try the process without having it run on a new thread it works (well,
    the files are created; I skip the long process so I could test it).

    I've read some things about LogonUser, ReverttoSelf in advapi32, but I
    can't get it to work...

    Any ideas??!! <<Thanks>>
    JYJ, Mar 8, 2005
    #6
  7. This is a limitation of the way Thread.Start works in .NET 1.1. Dominick
    Baier posted a fix that shows how to overcome this by passing the
    WindowsIdentity you want to impersonate as a parameter on Thread.Start and
    then calling WindowsIdentity.Impersonate on it. I'd suggest doing a quick
    Google groups search to find this. It was within the last week.

    You should not need to call LogonUser or RevertToSelf directly within your
    thread code if you have the WindowsIdentity that you want to impersonate
    already.

    HTH,

    Joe K.

    "JYJ" <> wrote in message
    news:...
    > Joe -- Per a previous post, I can't create a new thread to use the
    > user's identity (I think it is always using the aspnet service account
    > identity). This thread needs to run a long-running process ( ~5
    > minutes) and then write some files out to a share on another server. If
    > I try the process without having it run on a new thread it works (well,
    > the files are created; I skip the long process so I could test it).
    >
    > I've read some things about LogonUser, ReverttoSelf in advapi32, but I
    > can't get it to work...
    >
    > Any ideas??!! <<Thanks>>
    >
    Joe Kaplan \(MVP - ADSI\), Mar 8, 2005
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Kivak Wolf

    Drop down list 101

    Kivak Wolf, Oct 12, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    327
    Ken Cox [Microsoft MVP]
    Oct 12, 2005
  2. TheCoder
    Replies:
    1
    Views:
    375
    =?Utf-8?B?UGV0ZXIgQnJvbWJlcmcgW0MjIE1WUF0=?=
    Dec 2, 2005
  3. =?Utf-8?B?am9uZWZlcg==?=

    101 Question - Passing a value from one page to another

    =?Utf-8?B?am9uZWZlcg==?=, Dec 22, 2005, in forum: ASP .Net
    Replies:
    2
    Views:
    434
    uttara
    Dec 22, 2005
  4. Replies:
    0
    Views:
    617
  5. Kasu Nai

    Java 101 - Method Calls

    Kasu Nai, Jul 2, 2003, in forum: Java
    Replies:
    1
    Views:
    1,037
    Doug Pardee
    Jul 2, 2003
Loading...

Share This Page