Windows Domain Authentication

Z

Zille Hassan

Dear All

Newbie question here. i design form to take input from
user(username,password). How do i autheticate if the user is Windows Domain
user and once it has authenticated successfully, how do i forward to the
success page.

Any help would be appreciated.

Regards

Zille.
 
A

Aaron Bertrand [MVP]

Don't use a form, just use Windows Authentication on the application/site.

You can't take a plain text password from a form, and "check" it against
Windows Authentication, AFAIK. This would be a *H*U*G*E* security hole.
 
K

Ken Schaefer

You could use ADSI to do it...

Cheers
Ken


: Don't use a form, just use Windows Authentication on the application/site.
:
: You can't take a plain text password from a form, and "check" it against
: Windows Authentication, AFAIK. This would be a *H*U*G*E* security hole.
:
: --
: Aaron Bertrand
: SQL Server MVP
: http://www.aspfaq.com/
:
:
:
:
: : > Dear All
: >
: > Newbie question here. i design form to take input from
: > user(username,password). How do i autheticate if the user is Windows
: Domain
: > user and once it has authenticated successfully, how do i forward to the
: > success page.
: >
: > Any help would be appreciated.
: >
: > Regards
: >
: > Zille.
: >
: >
:
:
 
Z

Zille Hassan

But how do i do it, i am really new to ASP. do i have to enable Windows
authentication from the IIS admin.

and how do i store the username and password taken from the user in session
variables
 
A

Aaron Bertrand - MVP

and how do i store the username and password taken from the user in
session
variables
Click to expand...

I hope that even through ADSI this is impossible. A programmer should never
be able to have access to Windows passwords, for reasons that should be
obvious.
 
J

Jeff Cochran

But how do i do it, i am really new to ASP. do i have to enable Windows
authentication from the IIS admin.
Click to expand...

Take a look at:

http://www.iisfaq.com/default.aspx?View=P78&P=145
and how do i store the username and password taken from the user in session
variables
Click to expand...

Don't ever store the password in a session variable. You could set a
session variable for "Logged In" but with Windows authentication
there's no real reason to (at least that my feeble little mind can
come up with at the moment...). Windows knows whether you're logged
in or not.

Jeff
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Django authenticate problem 0
Please, help me. 1
windows authentication 3
Windows Domain authentication 0
determine trusted domain with windows authentication 3
How to Create a random password generator in a separate window 4
How to submit form after calling curl post 4
IIS + domain? 1

Members online

Total: 15 (members: 1, guests: 14)
Robots: 442

Forum statistics

Threads
473,769
Messages
2,569,580
Members
45,054
Latest member
TrimKetoBoost

Latest Threads

Top