special authentication

[Peter Kornills]

Hi!

My problem is quiet simple, but a solution seems to be difficult(for
me):
I've a group of users for my asp.net webapplication. In case of a
login the User should be authenticated automaticly (this means the
application should verify if he's allowed to use it).

I want to get the windows username from the client and look up in an
oracle database weather the user is allowed to act with the webapp. If
he isn't the Application will redirect to an error-message.

But it seems to be hard to get the windows-user.

I've tried to set the authentication form on "Windows" in the
Web.config-file

In the code behind I try to get the following value:

name = Page.User.Identity.Name

but that doesn't work.
Does any body have an idea to solve this problem?

Regards

Peter

 

[Joe Kaplan \(MVP - ADSI\)]

If you want to use Windows authentication in ASP.NET, you need to disable
anonymous access in IIS and enable IWA, Digest or Basic. Have you done
that?

Once you do, Page,User.Identity.Name should return the current Windows user
and you can use all of the built in mechanisms for authorization that you
want or roll your own.

Joe K.

 

[Paul Clement]

On 22 Feb 2005 06:41:44 -0800, (e-mail address removed) (Peter Kornills) wrote:

¤ Hi!
¤
¤ My problem is quiet simple, but a solution seems to be difficult(for
¤ me):
¤ I've a group of users for my asp.net webapplication. In case of a
¤ login the User should be authenticated automaticly (this means the
¤ application should verify if he's allowed to use it).
¤
¤ I want to get the windows username from the client and look up in an
¤ oracle database weather the user is allowed to act with the webapp. If
¤ he isn't the Application will redirect to an error-message.
¤
¤ But it seems to be hard to get the windows-user.
¤
¤ I've tried to set the authentication form on "Windows" in the
¤ Web.config-file
¤
¤ In the code behind I try to get the following value:
¤
¤ name = Page.User.Identity.Name
¤
¤ but that doesn't work.
¤ Does any body have an idea to solve this problem?
¤
¤ Regards
¤
¤ Peter

In addition to what Joe mentioned you also need to enable impersonation.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vsent7/html/vxconimpersonation.asp


Paul ~~~ (e-mail address removed)
Microsoft MVP (Visual Basic)

 

[Joe Kaplan \(MVP - ADSI\)]

On 22 Feb 2005 06:41:44 -0800, (e-mail address removed) (Peter Kornills)
wrote:

¤ Hi!
¤
¤ My problem is quiet simple, but a solution seems to be difficult(for
¤ me):
¤ I've a group of users for my asp.net webapplication. In case of a
¤ login the User should be authenticated automaticly (this means the
¤ application should verify if he's allowed to use it).
¤
¤ I want to get the windows username from the client and look up in an
¤ oracle database weather the user is allowed to act with the webapp. If
¤ he isn't the Application will redirect to an error-message.
¤
¤ But it seems to be hard to get the windows-user.
¤
¤ I've tried to set the authentication form on "Windows" in the
¤ Web.config-file
¤
¤ In the code behind I try to get the following value:
¤
¤ name = Page.User.Identity.Name
¤
¤ but that doesn't work.
¤ Does any body have an idea to solve this problem?
¤
¤ Regards
¤
¤ Peter

In addition to what Joe mentioned you also need to enable impersonation.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vsent7/html/vxconimpersonation.asp


Paul ~~~ (e-mail address removed)
Microsoft MVP (Visual Basic)

Why?

All he wants to do is check to see who the authenticated user is.
Context.User.Identity.Name (or Page.User.Identity.Name) will be the
authenticated use regardless of what the setting for impersonation is.
Impersonation is only needed if he needs to execute code as the
authenticated user.

Joe K.

 

[Paul Clement]

On Tue, 22 Feb 2005 13:31:46 -0600, "Joe Kaplan \(MVP - ADSI\)"

¤
¤ ¤ > On 22 Feb 2005 06:41:44 -0800, (e-mail address removed) (Peter Kornills)
¤ > wrote:
¤ >
¤ > ¤ Hi!
¤ > ¤
¤ > ¤ My problem is quiet simple, but a solution seems to be difficult(for
¤ > ¤ me):
¤ > ¤ I've a group of users for my asp.net webapplication. In case of a
¤ > ¤ login the User should be authenticated automaticly (this means the
¤ > ¤ application should verify if he's allowed to use it).
¤ > ¤
¤ > ¤ I want to get the windows username from the client and look up in an
¤ > ¤ oracle database weather the user is allowed to act with the webapp. If
¤ > ¤ he isn't the Application will redirect to an error-message.
¤ > ¤
¤ > ¤ But it seems to be hard to get the windows-user.
¤ > ¤
¤ > ¤ I've tried to set the authentication form on "Windows" in the
¤ > ¤ Web.config-file
¤ > ¤
¤ > ¤ In the code behind I try to get the following value:
¤ > ¤
¤ > ¤ name = Page.User.Identity.Name
¤ > ¤
¤ > ¤ but that doesn't work.
¤ > ¤ Does any body have an idea to solve this problem?
¤ > ¤
¤ > ¤ Regards
¤ > ¤
¤ > ¤ Peter
¤ >
¤ > In addition to what Joe mentioned you also need to enable impersonation.
¤ >
¤ > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vsent7/html/vxconimpersonation.asp
¤ >
¤ >
¤ > Paul ~~~ (e-mail address removed)
¤ > Microsoft MVP (Visual Basic)
¤
¤ Why?
¤
¤ All he wants to do is check to see who the authenticated user is.
¤ Context.User.Identity.Name (or Page.User.Identity.Name) will be the
¤ authenticated use regardless of what the setting for impersonation is.
¤ Impersonation is only needed if he needs to execute code as the
¤ authenticated user.
¤
¤ Joe K.
¤

Yes, Joe, you're correct. I misread his post and thought he was using integrated security with
Oracle.


Paul ~~~ (e-mail address removed)
Microsoft MVP (Visual Basic)

 

[Peter Kornills]

It works!

thanks for your help Paul and Joe

Regards Peter