469,331 Members | 1,895 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,331 developers. It's quick & easy.

Possible to verify user login?

Hi,

This might seem a little bit disjointed. My boss is suggesting I take
a certain approach to something. There is a private section of the
intranet (its essentially its own section as few users would have use
for it or even know of its existence) and when a user logs on to the
home page of this intranet site ASP should verify that they are
allowed to be there (based on them logging on to the network when they
logged on to their PC).

I suppose it could be done with folder permissions. I don't really
see how else though.

Any suggestions or questions about my question?
D
Oct 21 '08 #1
6 2780
Devin <de***********@gmail.comwrote:
>Hi,

This might seem a little bit disjointed. My boss is suggesting I take
a certain approach to something. There is a private section of the
intranet (its essentially its own section as few users would have use
for it or even know of its existence) and when a user logs on to the
home page of this intranet site ASP should verify that they are
allowed to be there (based on them logging on to the network when they
logged on to their PC).
You can retrieve the ID of the person accessing your ASP system using
request.servervariables("LOGIN_USER"). (Presumably they won't be able
to even get to your site, or use the LAN at all, unless they are
properly logged on. Once you've got their userid, you can decide
whether the user should be allowed to use your system.

--
Tim Slattery
MS MVP(Shell/User)
Sl********@bls.gov
http://members.cox.net/slatteryt
Oct 21 '08 #2
"Devin" <de***********@gmail.comwrote in message
news:6b**********************************@26g2000h sk.googlegroups.com...
Hi,

This might seem a little bit disjointed. My boss is suggesting I take
a certain approach to something. There is a private section of the
intranet (its essentially its own section as few users would have use
for it or even know of its existence) and when a user logs on to the
home page of this intranet site ASP should verify that they are
allowed to be there (based on them logging on to the network when they
logged on to their PC).

I suppose it could be done with folder permissions. I don't really
see how else though.

Any suggestions or questions about my question?
Yes folder permissions would be the way to achieve this. Turn off anonymous
access and turn on windows integrated. Create a Group in AD which
represents the set of users that should have access to this application and
grant that group read access on the folder and contents which holds the
applicaiton. Add the users that should have access to the Group.

If you are using a FQDN for the server then the users will need to add that
FQDN to their set of sites considered to be an intranet site (a simple host
name is assumed by IE to be an intranet site).

If your ASP code needs to discover which of the users is actually using the
app then you can use the AUTH_USER server variable.
--
Anthony Jones - MVP ASP/ASP.NET

Oct 21 '08 #3
Anthony Jones wrote on 21 okt 2008 in
microsoft.public.inetserver.asp.general:
"Devin" <de***********@gmail.comwrote in message
news:6b**********************************@26g2000h sk.googlegroups.com..
.
>Hi,

This might seem a little bit disjointed. My boss is suggesting I
take a certain approach to something. There is a private section of
the intranet (its essentially its own section as few users would have
use for it or even know of its existence) and when a user logs on to
the home page of this intranet site ASP should verify that they are
allowed to be there (based on them logging on to the network when
they logged on to their PC).

I suppose it could be done with folder permissions. I don't really
see how else though.

Any suggestions or questions about my question?

Yes folder permissions would be the way to achieve this. Turn off
anonymous access and turn on windows integrated. Create a Group in AD
which represents the set of users that should have access to this
application and grant that group read access on the folder and
contents which holds the applicaiton. Add the users that should have
access to the Group.

If you are using a FQDN for the server then the users will need to add
that FQDN to their set of sites considered to be an intranet site (a
simple host name is assumed by IE to be an intranet site).

If your ASP code needs to discover which of the users is actually
using the app then you can use the AUTH_USER server variable.
Why not set a session variable on logon for those users,
and simply test those pages with an include for that session variable?
No need for folder permissions if all you want is page access
restrictions.

If you want folder restrictions without IIS authentication you could set
up virtual folders and streaming.


--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Oct 21 '08 #4
"Evertjan." <ex**************@interxnl.netwrote in message
news:Xn********************@194.109.133.242...
Anthony Jones wrote on 21 okt 2008 in
microsoft.public.inetserver.asp.general:
>"Devin" <de***********@gmail.comwrote in message
news:6b**********************************@26g2000 hsk.googlegroups.com..
.
>>Hi,

This might seem a little bit disjointed. My boss is suggesting I
take a certain approach to something. There is a private section of
the intranet (its essentially its own section as few users would have
use for it or even know of its existence) and when a user logs on to
the home page of this intranet site ASP should verify that they are
allowed to be there (based on them logging on to the network when
they logged on to their PC).

I suppose it could be done with folder permissions. I don't really
see how else though.

Any suggestions or questions about my question?

Yes folder permissions would be the way to achieve this. Turn off
anonymous access and turn on windows integrated. Create a Group in AD
which represents the set of users that should have access to this
application and grant that group read access on the folder and
contents which holds the applicaiton. Add the users that should have
access to the Group.

If you are using a FQDN for the server then the users will need to add
that FQDN to their set of sites considered to be an intranet site (a
simple host name is assumed by IE to be an intranet site).

If your ASP code needs to discover which of the users is actually
using the app then you can use the AUTH_USER server variable.

Why not set a session variable on logon for those users,
and simply test those pages with an include for that session variable?
No need for folder permissions if all you want is page access
restrictions.

If you want folder restrictions without IIS authentication you could set
up virtual folders and streaming.

Because it easier to simply assign a group and manage membership with AD.
No code necessary. What you're proposing is way harder and slower to boot.
--
Anthony Jones - MVP ASP/ASP.NET

Oct 22 '08 #5
Anthony Jones wrote on 22 okt 2008 in
microsoft.public.inetserver.asp.general:

I wrote:
>Why not set a session variable on logon for those users,
and simply test those pages with an include for that session
variable? No need for folder permissions if all you want is page
access restrictions.

If you want folder restrictions without IIS authentication you could
set up virtual folders and streaming.

Because it easier to simply assign a group and manage membership with
AD. No code necessary. What you're proposing is way harder
Anthony, you are only referring to site owners that own the server or have
at least access to the IIS, many of us are not that fortunate.
and slower to boot.
Why?
And if so does that matter?
Or are you referring to something else than machine boots?

"These boots are made for walking"
<http://www.youtube.com/watch?v=7OU7Nezg7Ls>

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Oct 23 '08 #6
"Evertjan." <ex**************@interxnl.netwrote in message
news:Xn*******************@194.109.133.242...
Anthony Jones wrote on 22 okt 2008 in
microsoft.public.inetserver.asp.general:

I wrote:
>>Why not set a session variable on logon for those users,
and simply test those pages with an include for that session
variable? No need for folder permissions if all you want is page
access restrictions.

If you want folder restrictions without IIS authentication you could
set up virtual folders and streaming.

Because it easier to simply assign a group and manage membership with
AD. No code necessary. What you're proposing is way harder

Anthony, you are only referring to site owners that own the server or have
at least access to the IIS, many of us are not that fortunate.
The OP is refering to carving out a private section of an intranet. Also
specifically referenced is the use of network logged in users.
>and slower to boot.

Why?
And if so does that matter?
Or are you referring to something else than machine boots?

"These boots are made for walking"
<http://www.youtube.com/watch?v=7OU7Nezg7Ls>
My apologies, I forgot the international nature of NGs. In the part of the
global I live in "to boot" can loosely mean "as well as" or "in addition" in
the context that I used it. The etomolgy of such use is mystifying.

--
Anthony Jones - MVP ASP/ASP.NET

Oct 23 '08 #7

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

5 posts views Thread by Andrew | last post: by
2 posts views Thread by igotyourdotnet | last post: by
30 posts views Thread by diane | last post: by
3 posts views Thread by Greg Guarino | last post: by
1 post views Thread by CARIGAR | last post: by
reply views Thread by suresh191 | last post: by
1 post views Thread by haryvincent176 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.