Forms authentication <-> Windows user?

Discussion in 'ASP .Net Security' started by InspektorDerrick, Feb 2, 2005.

  1. Hi,

    I'm new in ASP.NET and I've got a question about authentication in an
    intranet application:

    I want to authentify and authorize the user by a database. Authentication
    should work like this:

    1. evaluate the windows username
    2. check if user exists in database
    yes -> new customIdentiy (IsAuthenticated = true), new customPrincipal
    (roles from database)
    no -> 3.
    3. redirect to logon form
    4. check if the user exists in database
    yes -> new customIdentiy (IsAuthenticated = true), new customPrincipal
    (roles from database)
    no -> securityexception or redirect

    The problem is, if I use Windows-Authentication I may not change
    Principal(?), if I use Forms-Authentication I cannot get the windows-user
    from step 1 (?)
    --
    Regards, InspektorDerrick
    InspektorDerrick, Feb 2, 2005
    #1
    1. Advertising

  2. This might help. Similar scenario to yours. A little different but the
    technique can still apply.

    http://aspalliance.com/553


    --

    - Paul Glavich
    ASP.NET MVP
    ASPInsider (www.aspinsiders.com)


    "InspektorDerrick" <> wrote in message
    news:...
    > Hi,
    >
    > I'm new in ASP.NET and I've got a question about authentication in an
    > intranet application:
    >
    > I want to authentify and authorize the user by a database. Authentication
    > should work like this:
    >
    > 1. evaluate the windows username
    > 2. check if user exists in database
    > yes -> new customIdentiy (IsAuthenticated = true), new customPrincipal
    > (roles from database)
    > no -> 3.
    > 3. redirect to logon form
    > 4. check if the user exists in database
    > yes -> new customIdentiy (IsAuthenticated = true), new customPrincipal
    > (roles from database)
    > no -> securityexception or redirect
    >
    > The problem is, if I use Windows-Authentication I may not change
    > Principal(?), if I use Forms-Authentication I cannot get the windows-user
    > from step 1 (?)
    > --
    > Regards, InspektorDerrick
    Paul Glavich [MVP ASP.NET], Feb 2, 2005
    #2
    1. Advertising

  3. InspektorDerrick

    Peng Jie Guest

    you can authenticate against the Active Directory by using Forms.

    try the link below:

    http://support.microsoft.com/?id=316748


    "InspektorDerrick" wrote:

    > Hi,
    >
    > I'm new in ASP.NET and I've got a question about authentication in an
    > intranet application:
    >
    > I want to authentify and authorize the user by a database. Authentication
    > should work like this:
    >
    > 1. evaluate the windows username
    > 2. check if user exists in database
    > yes -> new customIdentiy (IsAuthenticated = true), new customPrincipal
    > (roles from database)
    > no -> 3.
    > 3. redirect to logon form
    > 4. check if the user exists in database
    > yes -> new customIdentiy (IsAuthenticated = true), new customPrincipal
    > (roles from database)
    > no -> securityexception or redirect
    >
    > The problem is, if I use Windows-Authentication I may not change
    > Principal(?), if I use Forms-Authentication I cannot get the windows-user
    > from step 1 (?)
    > --
    > Regards, InspektorDerrick
    Peng Jie, Feb 2, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Eric
    Replies:
    2
    Views:
    1,386
    Tommy
    Feb 13, 2004
  2. Dadi
    Replies:
    2
    Views:
    175
    Scott Scott
    Sep 16, 2003
  3. jfer
    Replies:
    3
    Views:
    543
    Dominick Baier [DevelopMentor]
    Sep 16, 2005
  4. Eric
    Replies:
    2
    Views:
    462
  5. Michael D. Ober
    Replies:
    6
    Views:
    281
    Michael D. Ober
    Oct 30, 2006
Loading...

Share This Page