Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP General > AUTHORIZATION with WINDOWS AUTHENTICATION -- HELP!!

Reply
Thread Tools

AUTHORIZATION with WINDOWS AUTHENTICATION -- HELP!!

 
 
phreeskier@gmail.com
Guest
Posts: n/a
 
      06-21-2005
i want to implement authorization with windows authentication and don't
have the slightest clue of how to do this implementation. the basic
windows authentication for this .NET application is already setup. my
problem lies within my inability to manipulate the username captured in
the authentication process and my knowledge of how IIS is involved.

specifically, i have the following questions:
1) what object(s) can be used so that the user's username can be
manipulated for the authorization process?
2) in order to apply roles, do the users need to be placed in groups in
IIS? if so, how does this work?
3) is all the code that the application uses for roles in web.config?
or does global.asax play a role in this matter?
4) does the web.config file know to communicate with IIS because the
authorization type is set to windows?
5) once authorization is in place, can a section of an .aspx file be
visible to a group or can only entire files be secured for a group?

as you can see, i'm trying to figure out the relationship between
authorization and windows authentication so any help would be
appreciated.

thanks,
john
e: http://www.velocityreviews.com/forums/(E-Mail Removed)

 
Reply With Quote
 
 
 
 
Bob Barrows [MVP]
Guest
Posts: n/a
 
      06-21-2005
(E-Mail Removed) wrote:
> i want to implement authorization with windows authentication and
> don't have the slightest clue of how to do this implementation. the
> basic windows authentication for this .NET application


There was no way for you to know it, but this* is a classic asp newsgroup.
While you may be lucky enough to find a dotnet-savvy person here who can
answer your question, you can eliminate the luck factor by posting your
question to a newsgroup where the dotnet-savvy people hang out. I suggest
microsoft.public.dotnet.framework.aspnet.

Nevertheless ... I'll give it a try. Read on.

> is already
> setup. my problem lies within my inability to manipulate the
> username captured in the authentication process and my knowledge of
> how IIS is involved.
>
> specifically, i have the following questions:
> 1) what object(s) can be used so that the user's username can be
> manipulated for the authorization process?


That would be User.Identity.Name

> 2) in order to apply roles, do the users need to be placed in groups
> in IIS? if so, how does this work?


No such thing as IIS groups. You can either create groups in a database
(which can be as simple as a table containing a username column and a
groupname column), or create groups in your Active Directory, meaning that
you will need to learn how to query the AD, which is no trivial task.


> 3) is all the code that the application uses for roles in web.config?


There is no code in web.config

> or does global.asax play a role in this matter?


A Session_onstart sub in global.asax could come into play if you choose to
take that route, but usually, the answer is: Neither.

> 4) does the web.config file know to communicate with IIS because the
> authorization type is set to windows?


Huh? You need to go back and read the book. web.config does not
"communicate" with anything. It is simply a configuration file containing
settings that your application's dll uses when it loads.

Also, the "authentication" type is set in web.config. Authorization is up to
you to implement.

> 5) once authorization is in place, can a section of an .aspx file be
> visible to a group or can only entire files be secured for a group?
>


Yes to both, but there's nothing automatic about it. You have to write the
code to make it happen.

> as you can see, i'm trying to figure out the relationship between
> authorization and windows authentication so any help would be
> appreciated.
>


Please follow up in the aspnet newsgroup.

Bob Barrows
*I read this message and replied to it in the .inetserver.asp newsgroup. In
the future, pleas pick a single group to post your message to. Usually,
somebody will be polite enough to point you in the proper direction if
you've chosen the wrong newsgroup.
--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.


 
Reply With Quote
 
 
 
 
Bob Barrows [MVP]
Guest
Posts: n/a
 
      06-21-2005
Bob Barrows [MVP] wrote:

> Also, the "authentication" type is set in web.config. Authorization
> is up to you to implement.
>

oops, a little bit of misinformation here: You CAN use authorization based
on AD groups. Here is a link with more information:
http://msdn.microsoft.com/library/en...yAtRunTime.asp

There is a section about authorization about halfway down, including links
to other relevant documents.
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Authorization using Windows Authentication DK ASP .Net 1 09-23-2008 05:19 PM
URL Authorization does not override File Authorization? SeanRW ASP .Net Security 1 05-25-2006 06:18 AM
AUTHORIZATION with WINDOWS AUTHENTICATION -- HELP!! phreeskier@gmail.com ASP .Net 2 06-22-2005 01:44 PM
windows pass through authentication\authorization.... Ollie ASP .Net 8 12-09-2004 06:42 PM
How do you set Role-Based authorization for Windows Authentication? Bob Osborne ASP .Net Security 0 11-18-2003 03:30 PM



Advertisments