Best practice for extranet users

Discussion in 'ASP .Net Security' started by James, Aug 6, 2004.

  1. James

    James Guest

    We want to give access to regional staff across the country to a database
    that only supports Windows Authentication.
    The staff should only see data from their own region. So the database needs
    to know who exactly the user is, so that it filters out the data accordingly.

    We do not have a nationwide Windows network, so we cannot use IIS Windows
    Auth.

    Assuming we'd be using Forms Auth, how can we pass on the user identity to
    this database? In other words, how can we assign each individual user to a
    unique Windows account that would uniquely identify the user to the database?

    (The database is MS Analysis Services)
     
    James, Aug 6, 2004
    #1
    1. Advertising

  2. James

    [MSFT] Guest

    Hello,

    For such a situation, Form authentication seems to be the only choice. Here
    is a article about how valid windows account within Form Authentication:

    How to authenticate against the Active Directory by using Forms
    authentication and Visual C# .NET
    http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q316748

    After the authentication, we need impersonate current user's account to
    access the database. Here is an article about this:

    INFO: Implementing Impersonation in an ASP.NET Application
    http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q306158

    Hope this help,

    Luke
     
    [MSFT], Aug 6, 2004
    #2
    1. Advertising

  3. James

    James Guest

    Looks like what I'm looking for, I'll try it out.
    Thanks.

    "[MSFT]" wrote:

    > Hello,
    >
    > For such a situation, Form authentication seems to be the only choice. Here
    > is a article about how valid windows account within Form Authentication:
    >
    > How to authenticate against the Active Directory by using Forms
    > authentication and Visual C# .NET
    > http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q316748
    >
    > After the authentication, we need impersonate current user's account to
    > access the database. Here is an article about this:
    >
    > INFO: Implementing Impersonation in an ASP.NET Application
    > http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q306158
    >
    > Hope this help,
    >
    > Luke
    >
    >
     
    James, Aug 6, 2004
    #3
  4. James

    [MSFT] Guest

    You are welcome. If there is further questions, please feel free to post
    here.

    Luke
     
    [MSFT], Aug 9, 2004
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    0
    Views:
    886
  2. =?Utf-8?B?Sm9l?=

    Extranet website and Security

    =?Utf-8?B?Sm9l?=, Jun 18, 2005, in forum: ASP .Net
    Replies:
    2
    Views:
    448
    Juan T. Llibre
    Jun 19, 2005
  3. asdf
    Replies:
    1
    Views:
    419
    DKode
    Feb 15, 2006
  4. Simon Wigzell

    ASP Extranet

    Simon Wigzell, Apr 1, 2004, in forum: ASP General
    Replies:
    0
    Views:
    119
    Simon Wigzell
    Apr 1, 2004
  5. oldyork90
    Replies:
    1
    Views:
    161
    Jeremy J Starcher
    Sep 10, 2008
Loading...

Share This Page