Windows Domain Authentication

Discussion in 'ASP General' started by Zille Hassan, Nov 30, 2003.

  1. Zille Hassan

    Zille Hassan Guest

    Dear All

    Newbie question here. i design form to take input from
    user(username,password). How do i autheticate if the user is Windows Domain
    user and once it has authenticated successfully, how do i forward to the
    success page.

    Any help would be appreciated.

    Regards

    Zille.
     
    Zille Hassan, Nov 30, 2003
    #1
    1. Advertising

  2. Don't use a form, just use Windows Authentication on the application/site.

    You can't take a plain text password from a form, and "check" it against
    Windows Authentication, AFAIK. This would be a *H*U*G*E* security hole.

    --
    Aaron Bertrand
    SQL Server MVP
    http://www.aspfaq.com/




    "Zille Hassan" <> wrote in message
    news:...
    > Dear All
    >
    > Newbie question here. i design form to take input from
    > user(username,password). How do i autheticate if the user is Windows

    Domain
    > user and once it has authenticated successfully, how do i forward to the
    > success page.
    >
    > Any help would be appreciated.
    >
    > Regards
    >
    > Zille.
    >
    >
     
    Aaron Bertrand [MVP], Nov 30, 2003
    #2
    1. Advertising

  3. Zille Hassan

    Ken Schaefer Guest

    You could use ADSI to do it...

    Cheers
    Ken


    "Aaron Bertrand [MVP]" <> wrote in message
    news:%...
    : Don't use a form, just use Windows Authentication on the application/site.
    :
    : You can't take a plain text password from a form, and "check" it against
    : Windows Authentication, AFAIK. This would be a *H*U*G*E* security hole.
    :
    : --
    : Aaron Bertrand
    : SQL Server MVP
    : http://www.aspfaq.com/
    :
    :
    :
    :
    : "Zille Hassan" <> wrote in message
    : news:...
    : > Dear All
    : >
    : > Newbie question here. i design form to take input from
    : > user(username,password). How do i autheticate if the user is Windows
    : Domain
    : > user and once it has authenticated successfully, how do i forward to the
    : > success page.
    : >
    : > Any help would be appreciated.
    : >
    : > Regards
    : >
    : > Zille.
    : >
    : >
    :
    :
     
    Ken Schaefer, Dec 1, 2003
    #3
  4. Zille Hassan

    Zille Hassan Guest

    But how do i do it, i am really new to ASP. do i have to enable Windows
    authentication from the IIS admin.

    and how do i store the username and password taken from the user in session
    variables

    "Zille Hassan" <> wrote in message
    news:...
    > Dear All
    >
    > Newbie question here. i design form to take input from
    > user(username,password). How do i autheticate if the user is Windows

    Domain
    > user and once it has authenticated successfully, how do i forward to the
    > success page.
    >
    > Any help would be appreciated.
    >
    > Regards
    >
    > Zille.
    >
    >
     
    Zille Hassan, Dec 1, 2003
    #4
  5. > and how do i store the username and password taken from the user in
    session
    > variables


    I hope that even through ADSI this is impossible. A programmer should never
    be able to have access to Windows passwords, for reasons that should be
    obvious.

    --
    Aaron Bertrand
    SQL Server MVP
    http://www.aspfaq.com/
     
    Aaron Bertrand - MVP, Dec 1, 2003
    #5
  6. Zille Hassan

    Jeff Cochran Guest

    On Mon, 1 Dec 2003 08:38:18 +0300, "Zille Hassan" <>
    wrote:

    >But how do i do it, i am really new to ASP. do i have to enable Windows
    >authentication from the IIS admin.


    Take a look at:

    http://www.iisfaq.com/default.aspx?View=P78&P=145

    >and how do i store the username and password taken from the user in session
    >variables


    Don't ever store the password in a session variable. You could set a
    session variable for "Logged In" but with Windows authentication
    there's no real reason to (at least that my feeble little mind can
    come up with at the moment...). Windows knows whether you're logged
    in or not.

    Jeff

    >"Zille Hassan" <> wrote in message
    >news:...
    >> Dear All
    >>
    >> Newbie question here. i design form to take input from
    >> user(username,password). How do i autheticate if the user is Windows

    >Domain
    >> user and once it has authenticated successfully, how do i forward to the
    >> success page.
    >>
    >> Any help would be appreciated.
    >>
    >> Regards
    >>
    >> Zille.
    >>
    >>

    >
     
    Jeff Cochran, Dec 1, 2003
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Infant Newbie
    Replies:
    2
    Views:
    3,305
    Infant Newbie
    Nov 12, 2003
  2. Antonio Policelli

    windows authentication in a different domain

    Antonio Policelli, Dec 3, 2004, in forum: ASP .Net
    Replies:
    2
    Views:
    538
    John M Deal
    Dec 3, 2004
  3. =?Utf-8?B?aG93YXJkIGRpZXJraW5n?=

    Authentication not mapping domain user to local windows group

    =?Utf-8?B?aG93YXJkIGRpZXJraW5n?=, Jan 24, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    649
    David Jessee
    Jan 25, 2005
  4. thomson
    Replies:
    0
    Views:
    487
    thomson
    Oct 13, 2006
  5. ericmatz

    Windows Authentication and Domain Suffixes

    ericmatz, Sep 29, 2005, in forum: ASP .Net Security
    Replies:
    2
    Views:
    189
    ericmatz
    Sep 29, 2005
Loading...

Share This Page