D
Danny Vucinec
I'm building a solution that uses Windows authentication. However, the
Windows users that are allowed to login and use the application are defined
in a custom user store. If a user is successfully authenticated by Windows,
access should be denied to if the user isn't in the custom user store.
Using roles to authorize the users would be a good solution, but the fact
is, that the web application uses both asp.net and classical asp. What other
options could be used? I'm thinking of a custom SessionStateUtility that only
issues a new session after the authenticated user is located in the user
store.
Windows users that are allowed to login and use the application are defined
in a custom user store. If a user is successfully authenticated by Windows,
access should be denied to if the user isn't in the custom user store.
Using roles to authorize the users would be a good solution, but the fact
is, that the web application uses both asp.net and classical asp. What other
options could be used? I'm thinking of a custom SessionStateUtility that only
issues a new session after the authenticated user is located in the user
store.