Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Windows authentication with ability to override

Reply
Thread Tools

Windows authentication with ability to override

 
 
Ryan
Guest
Posts: n/a
 
      07-30-2006
Hello everybody, here is my question:

We are using windows authentication and an Active Directory membership
provider so our users don't have to login to the site. This works
great, but now we need the ability to login as another user. I have
tried simply adding a login control to a test page; the user is
authenticated, but the identity never changes. I am assuming this is by
design, but I am probably missing something simple. Is there a way to
accomplish this? We could use forms authentication, but I believe the
user would have to login to the site . . .

I hope this is the appropriate group to post to; I am new to this 2.0
stuff . . .

Thanks for any help you can offer.

Have a nice day,
Ryan

 
Reply With Quote
 
 
 
 
Dominick Baier
Guest
Posts: n/a
 
      07-30-2006
Hi,

which identity never changes??

btw - you cannot use Windows auth *and* AD membership - i guess you are using
Windows auth when you user don't have to login.

dominick

> Hello everybody, here is my question:
>
> We are using windows authentication and an Active Directory membership
> provider so our users don't have to login to the site. This works
> great, but now we need the ability to login as another user. I have
> tried simply adding a login control to a test page; the user is
> authenticated, but the identity never changes. I am assuming this is
> by design, but I am probably missing something simple. Is there a way
> to accomplish this? We could use forms authentication, but I believe
> the user would have to login to the site . . .
>
> I hope this is the appropriate group to post to; I am new to this 2.0
> stuff . . .
>
> Thanks for any help you can offer.
>
> Have a nice day,
> Ryan



 
Reply With Quote
 
 
 
 
Ryan
Guest
Posts: n/a
 
      07-30-2006
Hello, thanks for replying so quickly.

The identity I am expecting to change is:

HttpContext.Current.User.Identity.Name

I could be confused, a co-worker of mine wrote the web.config, so i was
guessing as to the authentication being magically tied to the
membership node (<membership
defaultProvider="MembershipADProvider"><providers> <add
name="MembershipADProvider"
type="System.Web.Security.ActiveDirectoryMembershi pProvider,
System.Web, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
connectionUsername="lookupuser" connectionPassword="lookuppassword"
enableSearchMethods="true"
attributeMapUsername="sAMAccountName"/></providers></membership>) and
no, we don't have to login unless using mozilla-based browsers.

hmmm, I just tested and the membership node doesn't seem to do anything
(still authenticates if removed). I see, the authentication used with
the IIS anonymous off is what does the trick.

Okay, I want to make sure I have this correct. If we would like the
users to not have to manually login, we have to use windows
authentication. If we want the users to be able to login as a user that
is not logged into their computer, we have to use forms or none . . .

I think this article describes a solution:
http://www.15seconds.com/issue/050203.htm

Thanks again,
Ryan



Dominick Baier wrote:
> Hi,
>
> which identity never changes??
>
> btw - you cannot use Windows auth *and* AD membership - i guess you are using
> Windows auth when you user don't have to login.
>
> dominick
>
> > Hello everybody, here is my question:
> >
> > We are using windows authentication and an Active Directory membership
> > provider so our users don't have to login to the site. This works
> > great, but now we need the ability to login as another user. I have
> > tried simply adding a login control to a test page; the user is
> > authenticated, but the identity never changes. I am assuming this is
> > by design, but I am probably missing something simple. Is there a way
> > to accomplish this? We could use forms authentication, but I believe
> > the user would have to login to the site . . .
> >
> > I hope this is the appropriate group to post to; I am new to this 2.0
> > stuff . . .
> >
> > Thanks for any help you can offer.
> >
> > Have a nice day,
> > Ryan


 
Reply With Quote
 
Michael D'Angelo
Guest
Posts: n/a
 
      08-01-2006
You can either have them auto-logon, or prompt for logon and allow them to
use either the account they logged in with or another one. You can't do
both.

"Ryan" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
> Hello, thanks for replying so quickly.
>
> The identity I am expecting to change is:
>
> HttpContext.Current.User.Identity.Name
>
> I could be confused, a co-worker of mine wrote the web.config, so i was
> guessing as to the authentication being magically tied to the
> membership node (<membership
> defaultProvider="MembershipADProvider"><providers> <add
> name="MembershipADProvider"
> type="System.Web.Security.ActiveDirectoryMembershi pProvider,
> System.Web, Version=2.0.0.0, Culture=neutral,
> PublicKeyToken=b03f5f7f11d50a3a"
> connectionStringName="ADConnectionString"
> connectionUsername="lookupuser" connectionPassword="lookuppassword"
> enableSearchMethods="true"
> attributeMapUsername="sAMAccountName"/></providers></membership>) and
> no, we don't have to login unless using mozilla-based browsers.
>
> hmmm, I just tested and the membership node doesn't seem to do anything
> (still authenticates if removed). I see, the authentication used with
> the IIS anonymous off is what does the trick.
>
> Okay, I want to make sure I have this correct. If we would like the
> users to not have to manually login, we have to use windows
> authentication. If we want the users to be able to login as a user that
> is not logged into their computer, we have to use forms or none . . .
>
> I think this article describes a solution:
> http://www.15seconds.com/issue/050203.htm
>
> Thanks again,
> Ryan
>
>
>
> Dominick Baier wrote:
>> Hi,
>>
>> which identity never changes??
>>
>> btw - you cannot use Windows auth *and* AD membership - i guess you are
>> using
>> Windows auth when you user don't have to login.
>>
>> dominick
>>
>> > Hello everybody, here is my question:
>> >
>> > We are using windows authentication and an Active Directory membership
>> > provider so our users don't have to login to the site. This works
>> > great, but now we need the ability to login as another user. I have
>> > tried simply adding a login control to a test page; the user is
>> > authenticated, but the identity never changes. I am assuming this is
>> > by design, but I am probably missing something simple. Is there a way
>> > to accomplish this? We could use forms authentication, but I believe
>> > the user would have to login to the site . . .
>> >
>> > I hope this is the appropriate group to post to; I am new to this 2.0
>> > stuff . . .
>> >
>> > Thanks for any help you can offer.
>> >
>> > Have a nice day,
>> > Ryan

>



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
asp.net forms authentication override based on individual pages. Nalaka ASP .Net 5 07-17-2007 08:10 AM
Problem with ASP.NET 2.0 Location override of Forms Authentication settings n33470 ASP .Net 1 03-13-2007 07:38 PM
Lose ability to connect to internet after system awakes from stand =?Utf-8?B?SE1CUmljaw==?= Wireless Networking 1 03-10-2005 05:47 AM
Lost ability to share network printer and shared folders on Workgr =?Utf-8?B?Y3JhYmJq?= Wireless Networking 2 02-11-2005 06:31 PM
Lose ability to get on/off line (via dial up) using wireless card hmc Wireless Networking 0 06-18-2004 09:48 PM



Advertisments