newbie: General questions about authentication

Discussion in 'ASP .Net' started by Beemer Biker, Nov 14, 2006.

  1. Beemer Biker

    Beemer Biker Guest

    I googled and even brought up the web.config wizard but didnt get answer to
    some questions. I added code to my project to do forms authentication after
    looking at this active directory sample
    http://www.ondotnet.com/pub/a/dotnet/2003/01/20/formsauthp2.html

    OK, I login using my domain, password and username. It works fine. Some
    observations:

    1. The login script runs when a new form is launched. I only want to login
    once and when, for example, my date/time picker aspx page is launched I dont
    want to have to authenticate for that. How do I set up web.config or code
    the login so that only my Default.aspx page requires authentication and not
    every little helper form.

    2. When I demo'ed my prototype to some colleagues I was asked if I had
    coded it to sniff out their passwords. OK, that is a good question. I used
    the exact code at
    http://www.ondotnet.com/pub/a/dotnet/2003/01/20/formsauthp2.html
    which uses active directory. So how can I assure them I am not sniffing
    their passwords? Maybe I cant and if so, this type of security is not what
    is needed.

    3. After the user was authenticated, the following code segment was
    executed:
    if (Request.IsAuthenticated){
    Response.Write("Authenticated User:" +
    Request.LogonUserIdentity.Name + "\n");
    }

    OK. I didnt get the users name unless I am actually viewing the page on my
    server under the VS8 debugger.

    Authenticated User:SWRI16\jstateson

    But if I am on a linux box or any windows system all I see is the name of
    (my) server as in:

    Authenticated User:JYSDC1178\IUSR_JYSDC1178

    These names are no good. Surely I can get their actual username since I am
    going to allow them to upload stuff into the database and I need to identify
    who did the upload and record the username.
    We are running exchange server and active directory, I should be able to get
    the username.



    --
    =======================================================================
    Beemer Biker joestateson at grandecom dot net
    http://TipsForTheComputingImpaired.com
    http://ResearchRiders.org Ask about my 99'R1100RT
    =======================================================================
     
    Beemer Biker, Nov 14, 2006
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. jack

    general archetecture questions.

    jack, Jun 19, 2004, in forum: ASP .Net
    Replies:
    2
    Views:
    343
  2. Johnny  Meredith
    Replies:
    1
    Views:
    488
    Brock Allen
    Jun 12, 2005
  3. roseta

    3 general questions

    roseta, Dec 19, 2005, in forum: ASP .Net
    Replies:
    2
    Views:
    417
    Eliyahu Goldin
    Dec 19, 2005
  4. John
    Replies:
    1
    Views:
    512
    Karl Heinz Buchegger
    Oct 30, 2003
  5. Murali

    General C++ Questions

    Murali, Jun 18, 2004, in forum: C++
    Replies:
    9
    Views:
    572
    Ayaz Ahmed Khan
    Jun 18, 2004
Loading...

Share This Page