Forms authentication with Active Directory



In my web application I use forms authentication with active
directory. This is working just fine.

Because only a small subset of our domain users are allowed to access
the web application, I keep a Users table for the application in the
SQL Sever 2005 database.

The rationale is this:

After a user is AD-authenticated, I check if the user name exists in
the Users table in the database, if not, I would like to fail the

Here is what I am doing:

In the Login.aspx page, I have a login control, and there is nothing
in the code-behind.

Once a user is AD-authenticated, the application redirects the user to
Default.aspx, because in web.config I have

<authentication mode="Forms">
name=".ADAuthCookie" loginUrl="Login.aspx"
timeout="10" />

In Default.aspx.cs, I check if the user is in the Users table in the
database. If not, I kick the user back to the Login.aspx page through


But, how do I nicely show the FailureText of the Login control if the
user is AD-authenticated, but not in the Users table?

I hope that I have made the situation clear. Thank you.


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question