This is how I did it:

Log on using an API call to get a token, create a new WindowsIdentity object and
create a new WindowsPrincipal.

Add the principal to the session with:

    Session.Add("AuthID", CType(myNewPrincipal, Object))

Change userID for this call with:

    Context.User = CType(Session.Item("AuthID"), WindowsPrincipal)

Then I use global.asax to change the identity for every request:

    Private Sub Global_PreRequestHandlerExecute(ByVal sender As Object, _
            ByVal e As System.EventArgs) Handles MyBase.PreRequestHandlerExecute
        ' Restore the principal saved at logon (same session key as above)
        If Not Session.Item("AuthID") Is Nothing Then
            Context.User = CType(Session.Item("AuthID"), WindowsPrincipal)
        End If
    End Sub

What I have also done, but not included here, is that I save the anonymous
principal to the session before switching, so I can switch back if I would
like the user to be able to perform a log off and continue as anonymous.
Any questions,
Let me know
Niclas Lindblom
"Alan Mendelevich" <> wrote in message
news:...
> Hi,
>
> I've come to the same solution on my own but when I assign WindowsPrincipal
> to the User property of HttpContext it gets assigned for the current
> request but for the next request it's gone. User.Identity.Name becomes
> "Anonymous" again and IsAuthenticated is false. What should I do for this
> assignment to persist across requests?
>
> Best regards,
> Alan Mendelevich.
>
> "Joe Kaplan (MVP - ADSI)" <> wrote
> in message news:...
> > The normal thing to do would be to create the WindowsIdentity, then to create
> > a new WindowsPrincipal from that and set the User property on the
> > HttpContext equal to that. Then the WindowsPrincipal for the current user
> > will be associated with that request and all of the normal ASP.NET
> > role-based security will flow from there.
> >
> > Someone else may need to provide you with more details if that isn't enough
> > info as I am not a super expert in Forms authentication.
> >
> > Joe K.
> >
> > "Niclas Lindblom" <> wrote in message
> > news:...
> > > Thanks Joe, I have actually looked at this option. What I haven't figured
> > > out yet is how to associate the current user's session with the new
> > > WindowsIdentity object I have created. I have a feeling that I need to use
> > > impersonation, but haven't had time to test this yet.
> > >
> > > Am I on the right track, or do you know how to get this working?
> > >
> > > Thanks for helping out
> > >
> > > Niclas
> > > "Joe Kaplan (MVP - ADSI)" <> wrote in message news:...
> > > > It sounds like you want a WindowsIdentity/logon token for the user, so you
> > > > will need to use an API that calls LogonUser. The easy way to do this would
> > > > be to build a Forms Auth. system that uses the new constructor on
> > > > WindowsIdentity in Framework 1.1 that takes a username and password. Note
> > > > that the documentation says that you must be running Win2K3 for this call to
> > > > work.
> > > >
> > > > http://msdn.microsoft.com/library/de...us/cpref/html/frlrfSystemSecurityPrincipalWindowsIdentityClassctorTopic5.asp?frame=true
> > > >
> > > > The other option is to P/Invoke LogonUser directly. You need very high
> > > > privileges to call this function under Windows 2000 though, so the viability
> > > > of this solution may depend on your platform and security needs.
> > > >
> > > > http://msdn.microsoft.com/library/de...us/cpref/html/frlrfSystemSecurityPrincipalWindowsImpersonationContextClassTopic.asp?frame=true
> > > >
> > > > Either of these (which do essentially the same thing under the hood) will
> > > > give you the same functionality as Basic authentication (a primary logon
> > > > token).
> > > >
> > > > HTH,
> > > >
> > > > Joe K.
> > > >
> > > >
> > > > "MS Newsgroups" <> wrote in message
> > > > news:%...
> > > > > Is there no way I can do this and get the same functionality as using Basic
> > > > > authentication with the grey box (not sure how this works) since this seems
> > > > > to create a session identity automatically.
> > > > >
> > > > > Thanks for your help
> > > > >
> > > > > Niclas
> > > > > "Joe Kaplan (MVP - ADSI)" <> wrote in message news:...
> > > > > > If you want an actual WindowsIdentity object, you must have a logon token
> > > > > > for the user, which means that you will need to call LogonUser with the
> > > > > > user's credentials.
> > > > > >
> > > > > > If you would be okay with a GenericIdentity/GenericPrincipal, then you can
> > > > > > create one by authenticating to AD and building those objects yourself.
> > > > > > There is a sample on how to do this with System.DirectoryServices and Forms
> > > > > > authentication in the MS KB:
> > > > > >
> > > > > > http://support.microsoft.com/default...b;en-us;326340
> > > > > >
> > > > > > That article has some flaws in it, but it is an okay starting point. Note
> > > > > > that the recommended way of doing authentication is by using SSPI instead of
> > > > > > System.DirectoryServices with an LDAP bind, but I don't have a good managed
> > > > > > code wrapper example of SSPI. Maybe someone else does?
> > > > > >
> > > > > > The disadvantage with the GenericIdentity is that you can't impersonate with
> > > > > > it, but it can be used to drive the security model in your application using
> > > > > > the standard IPrincipal interface.
> > > > > >
> > > > > > HTH,
> > > > > >
> > > > > > Joe K.
> > > > > >
> > > > > > "Niclas Lindblom" <> wrote in message
> > > > > > news:%...
> > > > > > > Hi,
> > > > > > >
> > > > > > > I am trying to figure out a way to authenticate against Active Directory and
> > > > > > > retrieve system.security.principal.WindowsIdentity object, without having to
> > > > > > > see the awful grey Basic Authentication logon box. I have found
> > > > > > > documentation that you can send an authentication request programmatically by
> > > > > > > using the system.net.authenticationmanager.authenticate method, but I can
> > > > > > > not get this to work and have not found any samples.
> > > > > > >
> > > > > > > Does anyone know a way to authenticate against AD and have your browser
> > > > > > > session retrieve an identity using forms?
> > > > > > >
> > > > > > > regards
> > > > > > >
> > > > > > > Niclas
> > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > >
> > >
> >
>
>
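
The session-backed principal switch described in the top post, written out as one Global.asax code-behind. This is an added example, not code from any poster in the thread. GlobalApp, AuthKey, SignIn and SignOut are hypothetical names, and the token is assumed to come from the logon API call the post mentions.

```vb
' Global.asax.vb -- added example, not code from the thread.
' GlobalApp, AuthKey, SignIn and SignOut are hypothetical names chosen here.
Imports System
Imports System.Security.Principal
Imports System.Web

Public Class GlobalApp
    Inherits System.Web.HttpApplication

    ' One constant for the session key: storing under one string and reading
    ' under another leaves every later request anonymous without any error.
    Public Const AuthKey As String = "AuthID"

    ' Call from the login page once the logon API call has returned a token.
    Public Shared Sub SignIn(ByVal ctx As HttpContext, ByVal token As IntPtr)
        Dim principal As New WindowsPrincipal(New WindowsIdentity(token))
        ctx.Session(AuthKey) = principal
        ctx.User = principal          ' covers the rest of this request
    End Sub

    ' Log off: forget the stored principal; the next request keeps the
    ' identity that IIS/ASP.NET assigned to it.
    Public Shared Sub SignOut(ByVal ctx As HttpContext)
        ctx.Session.Remove(AuthKey)
    End Sub

    ' Runs after AuthenticateRequest and AuthorizeRequest, so <authorization>
    ' rules in web.config have already been evaluated against the original
    ' identity; code in the handler (the page) sees this principal through
    ' Context.User.
    Private Sub Global_PreRequestHandlerExecute(ByVal sender As Object, _
            ByVal e As EventArgs) Handles MyBase.PreRequestHandlerExecute
        ' Context.Session is Nothing for handlers that do not use session state.
        If Context.Session Is Nothing Then Return

        Dim stored As Object = Context.Session(AuthKey)
        ' Accept only the type SignIn stored; anything else leaves the user as is.
        If TypeOf stored Is WindowsPrincipal Then
            Context.User = DirectCast(stored, WindowsPrincipal)
        End If
    End Sub
End Class
```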