Custom Windows Authentication Principal?

 
 
Eric Wise
      02-10-2004
Ok, here's the situation: I have several intranet applications at this
company that use Windows authentication.

Now when people open the application I can use the user.identity.name to
grab their username. I then use this to query a database that has security
settings for the applications.

What I would like to do is have my own custom user token that I could add
additional fields to (like user.identity.userid, user.identity.departmentid,
user.identity.emailaddress) so I wouldn't have to query the database every
time I want to view them and I don't have to worry about managing session
variables.

Now I've written some code I think will work, but the problem is I can't
figure out how to access the custom information once someone logs in. If
someone could review the code and help me with the last step (or inform me
that I'm barking up the wrong tree) I'd really appreciate it.

Here's the class I created:

    Imports System.Security.Principal

    Public Class BenetUser
        Implements IPrincipal

        Private m_Roles() As String
        Private m_Id As MyIdentity
        Private m_CCID As Integer
        Private m_Email As String
        Private m_UserName As String

        ' Case-insensitive match against the roles passed to the constructor.
        Public Overridable Overloads Function IsInRole(ByVal role As String) As Boolean Implements IPrincipal.IsInRole
            Dim r As String
            For Each r In m_Roles
                If String.Compare(role, r, True) = 0 Then
                    Return True
                End If
            Next
            Return False
        End Function

        Public Overridable Overloads ReadOnly Property Identity() As IIdentity Implements IPrincipal.Identity
            Get
                Return m_Id
            End Get
        End Property

        Public ReadOnly Property UserName() As String
            Get
                Return m_UserName
            End Get
        End Property

        Public ReadOnly Property Id() As Integer
            Get
                Return m_Id.Id
            End Get
        End Property

        Public ReadOnly Property CCID() As Integer
            Get
                Return m_CCID
            End Get
        End Property

        Public ReadOnly Property Email() As String
            Get
                Return m_Email
            End Get
        End Property

        Public Sub New(ByVal roles() As String, ByVal intId As Integer, ByVal intCCID As Integer, ByVal strEmail As String, ByVal strUserName As String)
            m_Roles = roles
            m_Id = New MyIdentity(intId)
            m_CCID = intCCID
            m_Email = strEmail
            m_UserName = strUserName
        End Sub

        ' Identity that carries only the numeric user id.
        Private Class MyIdentity
            Implements IIdentity

            Private m_Id As Integer

            Public Overridable Overloads ReadOnly Property IsAuthenticated() As Boolean Implements IIdentity.IsAuthenticated
                Get
                    Return True
                End Get
            End Property

            ' Name is the numeric id as a string, not the Windows account name.
            Public Overridable Overloads ReadOnly Property Name() As String Implements IIdentity.Name
                Get
                    Return m_Id.ToString()
                End Get
            End Property

            Public Overridable Overloads ReadOnly Property AuthenticationType() As String Implements IIdentity.AuthenticationType
                Get
                    Return "Windows"
                End Get
            End Property

            Friend ReadOnly Property Id() As Integer
                Get
                    Return m_Id
                End Get
            End Property

            Public Sub New(ByVal id As Integer)
                m_Id = id
            End Sub

        End Class

    End Class



Then in my global.asax file I put the following code:

    Public Sub WindowsAuthentication_OnAuthenticate(ByVal sender As Object, ByVal e As System.Web.Security.WindowsAuthenticationEventArgs)
        If e.Identity.IsAuthenticated Then
            Dim id As System.Security.Principal.WindowsIdentity = e.Identity
            Dim userName As String = id.Name

            ' Strip the domain prefix, then load the user's settings.
            Dim myUser As New BPWUser(Replace(userName, "OSTNET1\", ""))
            Dim allRoles As String = myUser.Roles
            Dim roles() As String = Split(allRoles, "|")

            ' Replace the principal for this request with the custom one.
            e.User = New BenetUser(roles, myUser.ResourceID, myUser.CostCenterID, myUser.EmailName, myUser.UserName)
        End If
    End Sub




 
 
 
 
 
Joe Kaplan (MVP - ADSI)
 
      02-10-2004
Did you consider inheriting from WindowsIdentity (or WindowsPrincipal) to add
your custom functionality instead of reimplementing? Getting all the
WindowsIdentity token-based stuff correct seems like it would be quite a
pain. A lot of that is written in C++ instead of C# in the MS
implementation.

I've sub-classed WindowsPrincipal before and added a whole bunch of
additional properties and it worked well for me.

Joe K.



 
Reply With Quote
 
 
 