Combining Anonymous and Domain logon

  • Thread starter Kjell Kristiansson
  • Start date
K

Kjell Kristiansson

In developing a solution I ran into a problem where I have found no
acceptable solution. The problem is combining users with anonymous login
and
users logged in to a domain in the same .aspx application.

Here is some background:
- the application will be accessable from the Internet, extranet and
intranet.
- no logon required but then you get limited information/functionality
- if you'r not logged on you will be provided an option to log on
- users already logged on to the domain should not need to logon in app
- different groups of users get different information/functionality
- the app needs to read from the directory
- Win2k server, ASP.NET 1.1, VB/C#

This must be a fairly common problem but still I have found no acceptable
way to do this. I can solve it by splitting the solution to different
directories with different authority, having an open startpage to do the
analysiz etc.

Kjell K.
PS I have already asked a similar question in the security group
 
C

cbDevelopment

I would approach this using the following:

Have a global function that checks the
request.serverVariables("Auth_User") to determine if the user is logged
in or not. AUTH_USER will return blank if the user is anonymous. Based
on the return of the function, show or hide content.

If the user is anonymous, give a link to a protected page for login.
The page can be protected in a subdirectory with a web.config that
denies anonymous access. When the user logs in, the protected page just
redirects to where they came from
(request.servervariables("http_referer"))

I'm not sure how you handle your roles (database, XML, or Active
Directory), but you could create a genericIdentity and store it in
session when the user is authenticated or when the session starts
(depending on whether they entered anonymously or logged in previously).
Then you could use the IsInRole() to show or hide content. You will be
putting some code in the globabl.asax file to check the user roles if
you go this route.

The multiple directory solution is not a solution and will kill you in
short time.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

What is best practice: Combining anonymous logon with windows logon? 0
error raised: Login Failed for user 'NT Authority\Anonymous LOGON' 0
Windows logon 0
anonymous logon 1
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON 5
Anonymous vs NT logon 1
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON' 1
Impersonation with users of 2 domain (nor trusted) 0

Members online

Total: 36 (members: 1, guests: 35)
Robots: 521

Forum statistics

Threads
473,769
Messages
2,569,579
Members
45,053
Latest member
BrodieSola

Latest Threads

Top