Forms Authentication Ticket Functionality With Windows Authentication

Discussion in 'ASP .Net Security' started by jfer, Sep 16, 2005.

  1. jfer

    jfer Guest

    I am creating a web application for a company intranet and I am using
    Windows Authentication for a somewhat "transparent" login process.
    What I would like to do is allow all users into the application that
    exist in our LDAP under a particular user (their is a heirarchy
    associated with the LDAP tree). I was able to do this with Forms
    Authentication as I included the code to do this in the Page_Load event
    of the page associated with the <forms> tag in the web.config. My
    question is where would I include this functionality when using
    Integrated Windows Authentication? And any idea what would be the best
    way to sort of keep track of the user like the forms authentication
    ticket does. Thanks in advance.
     
    jfer, Sep 16, 2005
    #1
    1. Advertisements

  2. Hello jfer,


    is this 1.1?

    You could handle the Authenticate_Request and check via LDAP. If the user
    is in a particular OU let him through, otherwise reject.
     
    Dominick Baier [DevelopMentor], Sep 16, 2005
    #2
    1. Advertisements

  3. jfer

    jfer Guest

    Sorry just to clarify it is in ASP.NET 2.0. I am famaliar with
    querying the LDAP but what is confusing me is where to include it.
    Does Authenticate_Request run on every user interaction with the web
    application or only the first time they enter a web application (sort
    of like Session Start). And what would be the best way to make sure
    they are put through this "gateway" if they try to jump to a page
    somewhere in the middle of the web application later on (lets say via a
    bookmark) and to manage this (Cookies? Session?) I liked how Forms
    Authentication let you hook to a sort of start page. Again insight is
    appreciated.

    Thanks
     
    jfer, Sep 16, 2005
    #3
  4. Hello jfer,

    Authenticate_Request runs on every request - there is no way to bypass.
     
    Dominick Baier [DevelopMentor], Sep 16, 2005
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.