A
Alexander Stojakovic
Dear collegues!
I am trying to create a single Login Application, that can either
authenticate against a database or against ADSI. Intenal users
can have both an NT Account and anotherone (AppAccount)
in the database (as clients would normaly have) and should be
able to decide which one to use. However (you know how
clients are) should an automatic authentication against ADSI
be tried at first.
So I created 2 web forms Login.aspx (Anonymous Access)
and LoginNtlm.aspx (Integrated Security)
First the user hits Login.aspx, where I check his IP address to
see if the request comes from within my network (in this case
I can be sure, that the user is not a client and therefore has
an ADSI account) or from outside (user can be an employee
or client).
If the user comes from outside Login.aspx is displayed and the
user can authenticate against the database or click on a link to
LoginNtlm.aspx to authenticate against ADSI.
If the request is internal the user is automaticaly redirected to
LoginNtlm.aspx. If the user has configured his browser as we
expect it he will be prompted to enter his NT credentials. If the
user decides not to use his NT account, but instead wants to
enter with his AppAccount (for special purposes or test purposes)
he should be able to click Cancel and then be redirected to the
Login.aspx.
My problem now is, that I didn't find a way to catch the 401.2 error
on LoginNtlm.apsx to be able to redirect the usere as required,
best regards
Sascha
I am trying to create a single Login Application, that can either
authenticate against a database or against ADSI. Intenal users
can have both an NT Account and anotherone (AppAccount)
in the database (as clients would normaly have) and should be
able to decide which one to use. However (you know how
clients are) should an automatic authentication against ADSI
be tried at first.
So I created 2 web forms Login.aspx (Anonymous Access)
and LoginNtlm.aspx (Integrated Security)
First the user hits Login.aspx, where I check his IP address to
see if the request comes from within my network (in this case
I can be sure, that the user is not a client and therefore has
an ADSI account) or from outside (user can be an employee
or client).
If the user comes from outside Login.aspx is displayed and the
user can authenticate against the database or click on a link to
LoginNtlm.aspx to authenticate against ADSI.
If the request is internal the user is automaticaly redirected to
LoginNtlm.aspx. If the user has configured his browser as we
expect it he will be prompted to enter his NT credentials. If the
user decides not to use his NT account, but instead wants to
enter with his AppAccount (for special purposes or test purposes)
he should be able to click Cancel and then be redirected to the
Login.aspx.
My problem now is, that I didn't find a way to catch the 401.2 error
on LoginNtlm.apsx to be able to redirect the usere as required,
best regards
Sascha