D
djhexx
Is it possible to do role based security using AD groups in
conjunction with Forms authentication? If so, how? I've seen people
talk about using AzMan to solve this problem...but is there an easier
way?
Right now we have a site that uses Windows authentication and role
based security to lock down folders. When the user logs in, the Menu
control hides nodes the user doesn't have access to. When I turn on
forms authentication I get this error:
Method is only supported if the user name parameter matches the user
name in the current Windows Identity
Here is part of the web.config:
<authentication mode="Forms">
<forms loginUrl="login.aspx" name="intranet" timeout="90"
slidingExpiration="false" />
</authentication>
<authorization>
<allow roles= AN OU />
<deny users="*"/>
</authorization>
<membership
defaultProvider="AspNetActiveDirectoryMembershipProvider">
<providers>
<add
connectionProtection="Secure"
name="AspNetActiveDirectoryMembershipProvider"
connectionStringName="ADConnectionString"
connectionUsername= A USER NAME
connectionPassword= A PASSWORD
attributeMapUsername="sAMAccountName"
type="System.Web.Security.ActiveDirectoryMembershipProvider,
System.Web, Version=2.0.0.0, Culture=neutral,
PublicKeyToken= A PUBLIC KEY TOKEN/>
</providers>
</membership>
<roleManager enabled="true"
defaultProvider="AspNetWindowsTokenRoleProvider"/>
conjunction with Forms authentication? If so, how? I've seen people
talk about using AzMan to solve this problem...but is there an easier
way?
Right now we have a site that uses Windows authentication and role
based security to lock down folders. When the user logs in, the Menu
control hides nodes the user doesn't have access to. When I turn on
forms authentication I get this error:
Method is only supported if the user name parameter matches the user
name in the current Windows Identity
Here is part of the web.config:
<authentication mode="Forms">
<forms loginUrl="login.aspx" name="intranet" timeout="90"
slidingExpiration="false" />
</authentication>
<authorization>
<allow roles= AN OU />
<deny users="*"/>
</authorization>
<membership
defaultProvider="AspNetActiveDirectoryMembershipProvider">
<providers>
<add
connectionProtection="Secure"
name="AspNetActiveDirectoryMembershipProvider"
connectionStringName="ADConnectionString"
connectionUsername= A USER NAME
connectionPassword= A PASSWORD
attributeMapUsername="sAMAccountName"
type="System.Web.Security.ActiveDirectoryMembershipProvider,
System.Web, Version=2.0.0.0, Culture=neutral,
PublicKeyToken= A PUBLIC KEY TOKEN/>
</providers>
</membership>
<roleManager enabled="true"
defaultProvider="AspNetWindowsTokenRoleProvider"/>