473,396 Members | 2,102 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp / active server pages > questions > authorization with windows authentication -- help!!

Join Bytes to post your question to a community of 473,396 software developers and data experts.

AUTHORIZATION with WINDOWS AUTHENTICATION -- HELP!!

i want to implement authorization with windows authentication and don't
have the slightest clue of how to do this implementation. the basic
windows authentication for this .NET application is already setup. my
problem lies within my inability to manipulate the username captured in
the authentication process and my knowledge of how IIS is involved.

specifically, i have the following questions:
1) what object(s) can be used so that the user's username can be
manipulated for the authorization process?
2) in order to apply roles, do the users need to be placed in groups in
IIS? if so, how does this work?
3) is all the code that the application uses for roles in web.config?
or does global.asax play a role in this matter?
4) does the web.config file know to communicate with IIS because the
authorization type is set to windows?
5) once authorization is in place, can a section of an .aspx file be
visible to a group or can only entire files be secured for a group?

as you can see, i'm trying to figure out the relationship between
authorization and windows authentication so any help would be
appreciated.

thanks,
john
e: ph********@gmail.com

Jul 22 '05 #1
2 1966
ph********@gmail.com wrote:
i want to implement authorization with windows authentication and
don't have the slightest clue of how to do this implementation. the
basic windows authentication for this .NET application
There was no way for you to know it, but this* is a classic asp newsgroup.
While you may be lucky enough to find a dotnet-savvy person here who can
answer your question, you can eliminate the luck factor by posting your
question to a newsgroup where the dotnet-savvy people hang out. I suggest
microsoft.public.dotnet.framework.aspnet.

Nevertheless ... I'll give it a try. Read on.
is already
setup. my problem lies within my inability to manipulate the
username captured in the authentication process and my knowledge of
how IIS is involved.

specifically, i have the following questions:
1) what object(s) can be used so that the user's username can be
manipulated for the authorization process?
That would be User.Identity.Name
2) in order to apply roles, do the users need to be placed in groups
in IIS? if so, how does this work?
No such thing as IIS groups. You can either create groups in a database
(which can be as simple as a table containing a username column and a
groupname column), or create groups in your Active Directory, meaning that
you will need to learn how to query the AD, which is no trivial task.

3) is all the code that the application uses for roles in web.config?
There is no code in web.config
or does global.asax play a role in this matter?
A Session_onstart sub in global.asax could come into play if you choose to
take that route, but usually, the answer is: Neither.
4) does the web.config file know to communicate with IIS because the
authorization type is set to windows?
Huh? You need to go back and read the book. web.config does not
"communicate" with anything. It is simply a configuration file containing
settings that your application's dll uses when it loads.

Also, the "authentication" type is set in web.config. Authorization is up to
you to implement.
5) once authorization is in place, can a section of an .aspx file be
visible to a group or can only entire files be secured for a group?

Yes to both, but there's nothing automatic about it. You have to write the
code to make it happen.
as you can see, i'm trying to figure out the relationship between
authorization and windows authentication so any help would be
appreciated.


Please follow up in the aspnet newsgroup.

Bob Barrows
*I read this message and replied to it in the .inetserver.asp newsgroup. In
the future, pleas pick a single group to post your message to. Usually,
somebody will be polite enough to point you in the proper direction if
you've chosen the wrong newsgroup.
--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.
Jul 22 '05 #2
Bob Barrows [MVP] wrote:
Also, the "authentication" type is set in web.config. Authorization
is up to you to implement.

oops, a little bit of misinformation here: You CAN use authorization based
on AD groups. Here is a link with more information:
http://msdn.microsoft.com/library/en...yAtRunTime.asp

There is a section about authorization about halfway down, including links
to other relevant documents.
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"
Jul 22 '05 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
AUTHORIZATION with WINDOWS AUTHENTICATION -- HELP!!
by: phreeskier | last post by:
i want to implement authorization with windows authentication and don't have the slightest clue of how to do this implementation. the basic windows authentication for this .NET application is...
Microsoft SQL Server
1
Windows Authentication
by: Mark | last post by:
When our staff are logged into a computer on our domain, they're still prompted for their domain login and password to get into our ASP.NET application in Internet Explorer when using Windows...
C# / C Sharp
1
Windows authentication with impersonation - network resource access fails
by: srivalli chavali via DotNetMonster.com | last post by:
Hi, I have a question regd. Windows authentication and network file access. My asp.net application doesn't use any of the .NET's authentication schemes (Forms, Windows or Passport) yet. I have...
C# / C Sharp
2
windows authentication: how to catch the case a user entered a wrongpassword
by: Dan | last post by:
hi ng, i have a problem with windows authentification. i want to forward every user who 1. is not authorized 2. or could not be authenticated to a login page -------------------
ASP.NET
5
My website has weird authorization issue - please help
by: Nevets Steprock | last post by:
I have been building a website diligently for the past three months and everything has been working well so far. Yesterday, I added a link on my javascript menu. This link is supposed to go to a...
ASP.NET
2
Authentication help
by: Bruce Groen | last post by:
I am having some authentication issues. I download a sample app to test the forms based authentication process of asp.net and it works on one of my servers but not the other one. The one that it...
ASP.NET
8
Can I force a Windows Authentication / Login?
by: Keith H | last post by:
I'm looking for a way to force the user to re-authenticate with their Windows username/password/domain after clicking the submit button on an ASP.NET page. This is for an internal application. ...
ASP.NET
4
2.0: "Debugging failed because integrated Windows authentication in not enabled."
by: R.A.M. | last post by:
Hello, I am writing my first ASP.NET application (I use .NET 2.0, Visual Web Developer 2005 Express Edition and SQL Server 2005 Express Edition). The application builds successfully but when I try...
.NET Framework
3
asp.net windows authentication
by: DK | last post by:
I have an intranet application I've built using asp.net 3.5 / running on IIS6. The problem: when a user trys to access a page that they do not have access to, they are given the annoying windows...
ASP.NET
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!