Possible to verify user login?

Discussion in 'ASP General' started by Devin, Oct 21, 2008.

  1. Devin

    Devin Guest

    Hi,

    This might seem a little bit disjointed. My boss is suggesting I take
    a certain approach to something. There is a private section of the
    intranet (its essentially its own section as few users would have use
    for it or even know of its existence) and when a user logs on to the
    home page of this intranet site ASP should verify that they are
    allowed to be there (based on them logging on to the network when they
    logged on to their PC).

    I suppose it could be done with folder permissions. I don't really
    see how else though.

    Any suggestions or questions about my question?


    D
    Devin, Oct 21, 2008
    #1
    1. Advertising

  2. Devin

    Tim Slattery Guest

    Devin <> wrote:

    >Hi,
    >
    >This might seem a little bit disjointed. My boss is suggesting I take
    >a certain approach to something. There is a private section of the
    >intranet (its essentially its own section as few users would have use
    >for it or even know of its existence) and when a user logs on to the
    >home page of this intranet site ASP should verify that they are
    >allowed to be there (based on them logging on to the network when they
    >logged on to their PC).


    You can retrieve the ID of the person accessing your ASP system using
    request.servervariables("LOGIN_USER"). (Presumably they won't be able
    to even get to your site, or use the LAN at all, unless they are
    properly logged on. Once you've got their userid, you can decide
    whether the user should be allowed to use your system.

    --
    Tim Slattery
    MS MVP(Shell/User)

    http://members.cox.net/slatteryt
    Tim Slattery, Oct 21, 2008
    #2
    1. Advertising

  3. "Devin" <> wrote in message
    news:...
    > Hi,
    >
    > This might seem a little bit disjointed. My boss is suggesting I take
    > a certain approach to something. There is a private section of the
    > intranet (its essentially its own section as few users would have use
    > for it or even know of its existence) and when a user logs on to the
    > home page of this intranet site ASP should verify that they are
    > allowed to be there (based on them logging on to the network when they
    > logged on to their PC).
    >
    > I suppose it could be done with folder permissions. I don't really
    > see how else though.
    >
    > Any suggestions or questions about my question?
    >


    Yes folder permissions would be the way to achieve this. Turn off anonymous
    access and turn on windows integrated. Create a Group in AD which
    represents the set of users that should have access to this application and
    grant that group read access on the folder and contents which holds the
    applicaiton. Add the users that should have access to the Group.

    If you are using a FQDN for the server then the users will need to add that
    FQDN to their set of sites considered to be an intranet site (a simple host
    name is assumed by IE to be an intranet site).

    If your ASP code needs to discover which of the users is actually using the
    app then you can use the AUTH_USER server variable.


    --
    Anthony Jones - MVP ASP/ASP.NET
    Anthony Jones, Oct 21, 2008
    #3
  4. Devin

    Evertjan. Guest

    Anthony Jones wrote on 21 okt 2008 in
    microsoft.public.inetserver.asp.general:

    > "Devin" <> wrote in message
    > news:..
    > .
    >> Hi,
    >>
    >> This might seem a little bit disjointed. My boss is suggesting I
    >> take a certain approach to something. There is a private section of
    >> the intranet (its essentially its own section as few users would have
    >> use for it or even know of its existence) and when a user logs on to
    >> the home page of this intranet site ASP should verify that they are
    >> allowed to be there (based on them logging on to the network when
    >> they logged on to their PC).
    >>
    >> I suppose it could be done with folder permissions. I don't really
    >> see how else though.
    >>
    >> Any suggestions or questions about my question?
    >>

    >
    > Yes folder permissions would be the way to achieve this. Turn off
    > anonymous access and turn on windows integrated. Create a Group in AD
    > which represents the set of users that should have access to this
    > application and grant that group read access on the folder and
    > contents which holds the applicaiton. Add the users that should have
    > access to the Group.
    >
    > If you are using a FQDN for the server then the users will need to add
    > that FQDN to their set of sites considered to be an intranet site (a
    > simple host name is assumed by IE to be an intranet site).
    >
    > If your ASP code needs to discover which of the users is actually
    > using the app then you can use the AUTH_USER server variable.


    Why not set a session variable on logon for those users,
    and simply test those pages with an include for that session variable?
    No need for folder permissions if all you want is page access
    restrictions.

    If you want folder restrictions without IIS authentication you could set
    up virtual folders and streaming.




    --
    Evertjan.
    The Netherlands.
    (Please change the x'es to dots in my emailaddress)
    Evertjan., Oct 21, 2008
    #4
  5. "Evertjan." <> wrote in message
    news:Xns9B3EECCA693E1eejj99@194.109.133.242...
    > Anthony Jones wrote on 21 okt 2008 in
    > microsoft.public.inetserver.asp.general:
    >
    >> "Devin" <> wrote in message
    >> news:..
    >> .
    >>> Hi,
    >>>
    >>> This might seem a little bit disjointed. My boss is suggesting I
    >>> take a certain approach to something. There is a private section of
    >>> the intranet (its essentially its own section as few users would have
    >>> use for it or even know of its existence) and when a user logs on to
    >>> the home page of this intranet site ASP should verify that they are
    >>> allowed to be there (based on them logging on to the network when
    >>> they logged on to their PC).
    >>>
    >>> I suppose it could be done with folder permissions. I don't really
    >>> see how else though.
    >>>
    >>> Any suggestions or questions about my question?
    >>>

    >>
    >> Yes folder permissions would be the way to achieve this. Turn off
    >> anonymous access and turn on windows integrated. Create a Group in AD
    >> which represents the set of users that should have access to this
    >> application and grant that group read access on the folder and
    >> contents which holds the applicaiton. Add the users that should have
    >> access to the Group.
    >>
    >> If you are using a FQDN for the server then the users will need to add
    >> that FQDN to their set of sites considered to be an intranet site (a
    >> simple host name is assumed by IE to be an intranet site).
    >>
    >> If your ASP code needs to discover which of the users is actually
    >> using the app then you can use the AUTH_USER server variable.

    >
    > Why not set a session variable on logon for those users,
    > and simply test those pages with an include for that session variable?
    > No need for folder permissions if all you want is page access
    > restrictions.
    >
    > If you want folder restrictions without IIS authentication you could set
    > up virtual folders and streaming.
    >
    >


    Because it easier to simply assign a group and manage membership with AD.
    No code necessary. What you're proposing is way harder and slower to boot.


    --
    Anthony Jones - MVP ASP/ASP.NET
    Anthony Jones, Oct 22, 2008
    #5
  6. Devin

    Evertjan. Guest

    Anthony Jones wrote on 22 okt 2008 in
    microsoft.public.inetserver.asp.general:

    I wrote:
    >> Why not set a session variable on logon for those users,
    >> and simply test those pages with an include for that session
    >> variable? No need for folder permissions if all you want is page
    >> access restrictions.
    >>
    >> If you want folder restrictions without IIS authentication you could
    >> set up virtual folders and streaming.
    >>

    >
    > Because it easier to simply assign a group and manage membership with
    > AD. No code necessary. What you're proposing is way harder


    Anthony, you are only referring to site owners that own the server or have
    at least access to the IIS, many of us are not that fortunate.

    > and slower to boot.


    Why?
    And if so does that matter?
    Or are you referring to something else than machine boots?

    "These boots are made for walking"
    <http://www.youtube.com/watch?v=7OU7Nezg7Ls>

    --
    Evertjan.
    The Netherlands.
    (Please change the x'es to dots in my emailaddress)
    Evertjan., Oct 23, 2008
    #6
  7. "Evertjan." <> wrote in message
    news:Xns9B40AB74CDD0eejj99@194.109.133.242...
    > Anthony Jones wrote on 22 okt 2008 in
    > microsoft.public.inetserver.asp.general:
    >
    > I wrote:
    >>> Why not set a session variable on logon for those users,
    >>> and simply test those pages with an include for that session
    >>> variable? No need for folder permissions if all you want is page
    >>> access restrictions.
    >>>
    >>> If you want folder restrictions without IIS authentication you could
    >>> set up virtual folders and streaming.
    >>>

    >>
    >> Because it easier to simply assign a group and manage membership with
    >> AD. No code necessary. What you're proposing is way harder

    >
    > Anthony, you are only referring to site owners that own the server or have
    > at least access to the IIS, many of us are not that fortunate.
    >


    The OP is refering to carving out a private section of an intranet. Also
    specifically referenced is the use of network logged in users.

    >> and slower to boot.

    >
    > Why?
    > And if so does that matter?
    > Or are you referring to something else than machine boots?
    >
    > "These boots are made for walking"
    > <http://www.youtube.com/watch?v=7OU7Nezg7Ls>
    >


    My apologies, I forgot the international nature of NGs. In the part of the
    global I live in "to boot" can loosely mean "as well as" or "in addition" in
    the context that I used it. The etomolgy of such use is mystifying.

    --
    Anthony Jones - MVP ASP/ASP.NET
    Anthony Jones, Oct 23, 2008
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?QW5kcmV3?=

    What is the best approach to verify a user?

    =?Utf-8?B?QW5kcmV3?=, Nov 2, 2005, in forum: ASP .Net
    Replies:
    5
    Views:
    394
    Kevin Spencer
    Nov 3, 2005
  2. David Bear

    verify a user

    David Bear, Jan 19, 2006, in forum: Python
    Replies:
    1
    Views:
    289
    Dan Sommers
    Jan 19, 2006
  3. John Beschler

    Verify User's credentials

    John Beschler, Sep 18, 2009, in forum: ASP .Net
    Replies:
    1
    Views:
    288
    John Beschler
    Sep 18, 2009
  4. Tony Johansson
    Replies:
    3
    Views:
    16,106
    Patrice
    Jan 2, 2010
  5. asimhg
    Replies:
    0
    Views:
    873
    asimhg
    Feb 4, 2010
Loading...

Share This Page