Forms Authentication - Active Directory

Discussion in 'ASP .Net Security' started by oriol.ardevol@gmail.com, Jun 11, 2007.

  1. Guest

    Hi,

    I have an asp.net 2.0 application with forms authentication. I am
    authenticating the users to an Active Directory Server with
    ActiveDirectoryMembershipProvider which works as expected and users
    get authenticated.

    What I am trying to do is to get also the role information from the
    Active Directory Server with the groups where the users belong to.

    Is there any way to achieve it ? Can it be done by enabling some
    provider in the role manager section of the web.config file ?

    any help will be appreciated, thx in advance,
    ori
    , Jun 11, 2007
    #1
    1. Advertising

  2. On Jun 11, 10:48 am, wrote:
    > Hi,
    >
    > I have an asp.net 2.0 application with forms authentication. I am
    > authenticating the users to an Active Directory Server with
    > ActiveDirectoryMembershipProvider which works as expected and users
    > get authenticated.
    >
    > What I am trying to do is to get also the role information from the
    > Active Directory Server with the groups where the users belong to.
    >
    > Is there any way to achieve it ? Can it be done by enabling some
    > provider in the role manager section of the web.config file ?
    >
    > any help will be appreciated, thx in advance,
    > ori


    You would need a role provider.

    WindowsTokenRoleProvider for using Active Directory groups as roles
    AuthorizationStoreProvider - for Windows 2003 and ADAM
    SqlRoleProvider for storing roles in SQL Server

    More about WindowsTokenRoleProvider
    http://msdn2.microsoft.com/en-us/library/system.web.security.windowstokenroleprovider.aspx
    Alexey Smirnov, Jun 11, 2007
    #2
    1. Advertising

  3. They are all not very helpful in your situation.

    The WindowsTokenRoleProvider only works with windows auth - not forms.

    Ryan an me have written an ActiveDirectoryRoleProvider - which seems to work
    for most people...

    i can send you the code if you are interested...


    -----
    Dominick Baier (http://www.leastprivilege.com)

    Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

    > On Jun 11, 10:48 am, wrote:
    >
    >> Hi,
    >>
    >> I have an asp.net 2.0 application with forms authentication. I am
    >> authenticating the users to an Active Directory Server with
    >> ActiveDirectoryMembershipProvider which works as expected and users
    >> get authenticated.
    >>
    >> What I am trying to do is to get also the role information from the
    >> Active Directory Server with the groups where the users belong to.
    >>
    >> Is there any way to achieve it ? Can it be done by enabling some
    >> provider in the role manager section of the web.config file ?
    >>
    >> any help will be appreciated, thx in advance,
    >> ori

    > You would need a role provider.
    >
    > WindowsTokenRoleProvider for using Active Directory groups as roles
    > AuthorizationStoreProvider - for Windows 2003 and ADAM SqlRoleProvider
    > for storing roles in SQL Server
    >
    > More about WindowsTokenRoleProvider
    > http://msdn2.microsoft.com/en-us/library/system.web.security.windowsto
    > kenroleprovider.aspx
    Dominick Baier, Jun 11, 2007
    #3
  4. Guest

    I had already tried those solutions.

    WindowsTokenAuthenticationProvider does'nt works for Forms
    Authentication as Dominick pointed, and I couldn't managed to get
    AuthorizationStoreProvider to work (ended up getting some weird
    COMException error which I already posted in this group last week)

    Finally, I developed my own role provider which accesed the active
    directory and got the role information.

    Thanks for everything,
    ori
    , Jun 11, 2007
    #4
  5. On Jun 11, 1:06 pm, wrote:
    > I had already tried those solutions.
    >
    > WindowsTokenAuthenticationProvider does'nt works for Forms
    > Authentication as Dominick pointed, and I couldn't managed to get
    > AuthorizationStoreProvider to work (ended up getting some weird
    > COMException error which I already posted in this group last week)
    >
    > Finally, I developed my own role provider which accesed the active
    > directory and got the role information.
    >
    > Thanks for everything,
    > ori


    Ah, yes, Dominick and you were right, I've missed that you asked about
    the Forms Authentication. Sorry!
    Alexey Smirnov, Jun 11, 2007
    #5
  6. Joe Kaplan Guest

    FYI, Ryan's LDAP-based AD/ADAM Role Provider is posted on Code Plex now in
    case anyone wants it or wishes to contribute.

    Joe K.

    --
    Joe Kaplan-MS MVP Directory Services Programming
    Co-author of "The .NET Developer's Guide to Directory Services Programming"
    http://www.directoryprogramming.net
    --
    "Dominick Baier" <dbaier@pleasepleasenospam_leastprivilege.com> wrote in
    message news:...
    > They are all not very helpful in your situation.
    >
    > The WindowsTokenRoleProvider only works with windows auth - not forms.
    >
    > Ryan an me have written an ActiveDirectoryRoleProvider - which seems to
    > work for most people...
    >
    > i can send you the code if you are interested...
    >
    >
    > -----
    > Dominick Baier (http://www.leastprivilege.com)
    >
    > Developing More Secure Microsoft ASP.NET 2.0 Applications
    > (http://www.microsoft.com/mspress/books/9989.asp)
    >
    >> On Jun 11, 10:48 am, wrote:
    >>
    >>> Hi,
    >>>
    >>> I have an asp.net 2.0 application with forms authentication. I am
    >>> authenticating the users to an Active Directory Server with
    >>> ActiveDirectoryMembershipProvider which works as expected and users
    >>> get authenticated.
    >>>
    >>> What I am trying to do is to get also the role information from the
    >>> Active Directory Server with the groups where the users belong to.
    >>>
    >>> Is there any way to achieve it ? Can it be done by enabling some
    >>> provider in the role manager section of the web.config file ?
    >>>
    >>> any help will be appreciated, thx in advance,
    >>> ori

    >> You would need a role provider.
    >>
    >> WindowsTokenRoleProvider for using Active Directory groups as roles
    >> AuthorizationStoreProvider - for Windows 2003 and ADAM SqlRoleProvider
    >> for storing roles in SQL Server
    >>
    >> More about WindowsTokenRoleProvider
    >> http://msdn2.microsoft.com/en-us/library/system.web.security.windowsto
    >> kenroleprovider.aspx

    >
    >
    Joe Kaplan, Jun 11, 2007
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. techfuzz
    Replies:
    1
    Views:
    1,322
    Yan-Hong Huang[MSFT]
    Aug 12, 2003
  2. Marty Underwood

    Forms Authentication +Active Directory +Roles

    Marty Underwood, Oct 29, 2003, in forum: ASP .Net
    Replies:
    4
    Views:
    697
    Marty Underwood
    Oct 30, 2003
  3. - Steve -
    Replies:
    7
    Views:
    2,354
    - Steve -
    Jun 4, 2004
  4. =?Utf-8?B?RWdiZXJ0?=

    Asp.Net Forms authentication using Active Directory

    =?Utf-8?B?RWdiZXJ0?=, Nov 3, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    525
    =?Utf-8?B?RWdiZXJ0?=
    Nov 3, 2004
  5. Tdar
    Replies:
    2
    Views:
    8,891
    Arnel
    Oct 11, 2005
Loading...

Share This Page