S
STom
I have been reading and reading the Microsoft best practices, articles on
and on but still I can't figure out which method to chose to get started.
Basically, we are using Active directory where all of the users should be
authorized against before accessing the web site. Here are some of my
questions:
1. If I set the virtual directory security property to Integrated Windows
Authentication and I am using active directory (the web server is in the
Active Directory domain) won't IIS/ASP.Net automatically authenticate
against active directory even if I set the web.config file authentication
mode to 'Windows'?
2. If it does automatically authenticate and then I want to get the user or
the user object so I can tell what groups the person belongs in, would I
code that within the page load of the first page?
3. Where do I store the user information so I don't have to authenticate
against active directory for each page?
4. I have seen many examples on MSDN regarding Forms authentication and
active directory. I have 'heard' that you should avoid Forms authentication
but I don't know why. Is there a reason to avoid this way of doing it?
Thanks for any pointers.
STom
and on but still I can't figure out which method to chose to get started.
Basically, we are using Active directory where all of the users should be
authorized against before accessing the web site. Here are some of my
questions:
1. If I set the virtual directory security property to Integrated Windows
Authentication and I am using active directory (the web server is in the
Active Directory domain) won't IIS/ASP.Net automatically authenticate
against active directory even if I set the web.config file authentication
mode to 'Windows'?
2. If it does automatically authenticate and then I want to get the user or
the user object so I can tell what groups the person belongs in, would I
code that within the page load of the first page?
3. Where do I store the user information so I don't have to authenticate
against active directory for each page?
4. I have seen many examples on MSDN regarding Forms authentication and
active directory. I have 'heard' that you should avoid Forms authentication
but I don't know why. Is there a reason to avoid this way of doing it?
Thanks for any pointers.
STom