I have forms based authentication working, using my Active Directory for
authentication.
I have a web page that creates a user in active directory. When I was using
IIS authentication it worked fine, now it doesn't. I'm assuming it's
running in the context of the IIS anonymous user. How can I get it to run
as the user that logged in with the forms based authentication?
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
7  1697 
Here is how you will need to do it, scroll down to "Impersonat e a Specific User in Code" http://support.microsoft.com/default...b;en-us;306158
--Michael
"- Steve -" <se****@foundat ion.sdsu.edu> wrote in message news:OB******** ******@TK2MSFTN GP09.phx.gbl... I have forms based authentication working, using my Active Directory for
authentication.
I have a web page that creates a user in active directory. When I was using
IIS authentication it worked fine, now it doesn't. I'm assuming it's
running in the context of the IIS anonymous user. How can I get it to run
as the user that logged in with the forms based authentication?
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
That appears to be what I want to do.
I'm implementing the "Impersonat e the Authenticating User in Code" and I
have one small problem.
The second line of code is (this is in C#)
impersonationCo ntext =
((System.Securi ty.Principal.Wi ndowsIdentity)U ser.Identity).I mpersonate();
What the heck is User.Identity? I can't find the type or namespace? Is
this simply the username that is logged in. Should I be using
HttpContext.Cur rent.User.Ident ity.Name
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
"Raterus" <ra*****@spam.o rg> wrote in message
news:uC******** ******@tk2msftn gp13.phx.gbl...
Here is how you will need to do it, scroll down to "Impersonat e a Specific
User in Code" http://support.microsoft.com/default...b;en-us;306158
--Michael
"- Steve -" <se****@foundat ion.sdsu.edu> wrote in message
news:OB******** ******@TK2MSFTN GP09.phx.gbl... I have forms based authentication working, using my Active Directory for
authentication.
I have a web page that creates a user in active directory. When I was
using IIS authentication it worked fine, now it doesn't. I'm assuming it's
running in the context of the IIS anonymous user. How can I get it to run
as the user that logged in with the forms based authentication?
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
I think you are looking at the wrong example, you're looking at code for IIS authenticated users, not Forms Authenticated users. You'd essentially be impersonating the already impersonated user! That line of code you mentioned is equilavent to <identity impersonate="tr ue"> in web.config, and yes User.Identity is HttpContext.Cur rent.User.Ident ity.
But none of that really matters for Forms Authentication. For you, you need to scroll down to the little bit more messy code, "Impersonat e a Specific User in Code". You'll have the username/password they used to log onto your website, so just plug it in and have at it.
--Michael
"- Steve -" <se****@foundat ion.sdsu.edu> wrote in message news:eZ******** ******@TK2MSFTN GP09.phx.gbl... That appears to be what I want to do.
I'm implementing the "Impersonat e the Authenticating User in Code" and I
have one small problem.
The second line of code is (this is in C#)
impersonationCo ntext =
((System.Securi ty.Principal.Wi ndowsIdentity)U ser.Identity).I mpersonate();
What the heck is User.Identity? I can't find the type or namespace? Is
this simply the username that is logged in. Should I be using
HttpContext.Cur rent.User.Ident ity.Name
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
"Raterus" <ra*****@spam.o rg> wrote in message
news:uC******** ******@tk2msftn gp13.phx.gbl...
Here is how you will need to do it, scroll down to "Impersonat e a Specific
User in Code"
http://support.microsoft.com/default...b;en-us;306158
--Michael
"- Steve -" <se****@foundat ion.sdsu.edu> wrote in message
news:OB******** ******@TK2MSFTN GP09.phx.gbl... I have forms based authentication working, using my Active Directory for
authentication.
I have a web page that creates a user in active directory. When I was
using IIS authentication it worked fine, now it doesn't. I'm assuming it's
running in the context of the IIS anonymous user. How can I get it to run
as the user that logged in with the forms based authentication?
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
Well I can get there username with HttpContexct.Cu rrent.User.Iden tity.Name,
but how can I get their password? Remember I'm using forms based
authentication against my AD. If I can read their password somehow in plain
text then I'm home free. I had it in plain text back at the logon.aspx
page, but is there a safe way to send that over to another page or store it
somewhere that I can retrieve?
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
"Raterus" <ra*****@spam.o rg> wrote in message
news:%2******** ********@tk2msf tngp13.phx.gbl. ..
I think you are looking at the wrong example, you're looking at code for IIS
authenticated users, not Forms Authenticated users. You'd essentially be
impersonating the already impersonated user! That line of code you
mentioned is equilavent to <identity impersonate="tr ue"> in web.config, and
yes User.Identity is HttpContext.Cur rent.User.Ident ity.
But none of that really matters for Forms Authentication. For you, you need
to scroll down to the little bit more messy code, "Impersonat e a Specific
User in Code". You'll have the username/password they used to log onto your
website, so just plug it in and have at it.
--Michael
"- Steve -" <se****@foundat ion.sdsu.edu> wrote in message
news:eZ******** ******@TK2MSFTN GP09.phx.gbl... That appears to be what I want to do.
I'm implementing the "Impersonat e the Authenticating User in Code" and I
have one small problem.
The second line of code is (this is in C#)
impersonationCo ntext =
((System.Securi ty.Principal.Wi ndowsIdentity)U ser.Identity).I mpersonate();
What the heck is User.Identity? I can't find the type or namespace? Is
this simply the username that is logged in. Should I be using
HttpContext.Cur rent.User.Ident ity.Name
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
"Raterus" <ra*****@spam.o rg> wrote in message
news:uC******** ******@tk2msftn gp13.phx.gbl...
Here is how you will need to do it, scroll down to "Impersonat e a Specific
User in Code"
http://support.microsoft.com/default...b;en-us;306158
--Michael
"- Steve -" <se****@foundat ion.sdsu.edu> wrote in message
news:OB******** ******@TK2MSFTN GP09.phx.gbl... I have forms based authentication working, using my Active Directory for
authentication.
I have a web page that creates a user in active directory. When I was
using IIS authentication it worked fine, now it doesn't. I'm assuming it's
running in the context of the IIS anonymous user. How can I get it to
run as the user that logged in with the forms based authentication?
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
Oh also I tried to use the Authenticating User in Code section and where I
was having troubles compiling I simply but
HttpContexct.Cu rrent.User.Iden tity. It compiled fine but during runtime I'm
told that it's an invalid cast.
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
"Raterus" <ra*****@spam.o rg> wrote in message
news:%2******** ********@tk2msf tngp13.phx.gbl. ..
I think you are looking at the wrong example, you're looking at code for IIS
authenticated users, not Forms Authenticated users. You'd essentially be
impersonating the already impersonated user! That line of code you
mentioned is equilavent to <identity impersonate="tr ue"> in web.config, and
yes User.Identity is HttpContext.Cur rent.User.Ident ity.
But none of that really matters for Forms Authentication. For you, you need
to scroll down to the little bit more messy code, "Impersonat e a Specific
User in Code". You'll have the username/password they used to log onto your
website, so just plug it in and have at it.
--Michael
"- Steve -" <se****@foundat ion.sdsu.edu> wrote in message
news:eZ******** ******@TK2MSFTN GP09.phx.gbl... That appears to be what I want to do.
I'm implementing the "Impersonat e the Authenticating User in Code" and I
have one small problem.
The second line of code is (this is in C#)
impersonationCo ntext =
((System.Securi ty.Principal.Wi ndowsIdentity)U ser.Identity).I mpersonate();
What the heck is User.Identity? I can't find the type or namespace? Is
this simply the username that is logged in. Should I be using
HttpContext.Cur rent.User.Ident ity.Name
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
"Raterus" <ra*****@spam.o rg> wrote in message
news:uC******** ******@tk2msftn gp13.phx.gbl...
Here is how you will need to do it, scroll down to "Impersonat e a Specific
User in Code"
http://support.microsoft.com/default...b;en-us;306158
--Michael
"- Steve -" <se****@foundat ion.sdsu.edu> wrote in message
news:OB******** ******@TK2MSFTN GP09.phx.gbl... I have forms based authentication working, using my Active Directory for
authentication.
I have a web page that creates a user in active directory. When I was
using IIS authentication it worked fine, now it doesn't. I'm assuming it's
running in the context of the IIS anonymous user. How can I get it to
run as the user that logged in with the forms based authentication?
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
Save their password in the session right after they log in, it's safe there.
"- Steve -" <se****@foundat ion.sdsu.edu> wrote in message news:Ol******** ********@tk2msf tngp13.phx.gbl. .. Well I can get there username with HttpContexct.Cu rrent.User.Iden tity.Name,
but how can I get their password? Remember I'm using forms based
authentication against my AD. If I can read their password somehow in plain
text then I'm home free. I had it in plain text back at the logon.aspx
page, but is there a safe way to send that over to another page or store it
somewhere that I can retrieve?
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
"Raterus" <ra*****@spam.o rg> wrote in message
news:%2******** ********@tk2msf tngp13.phx.gbl. ..
I think you are looking at the wrong example, you're looking at code for IIS
authenticated users, not Forms Authenticated users. You'd essentially be
impersonating the already impersonated user! That line of code you
mentioned is equilavent to <identity impersonate="tr ue"> in web.config, and
yes User.Identity is HttpContext.Cur rent.User.Ident ity.
But none of that really matters for Forms Authentication. For you, you need
to scroll down to the little bit more messy code, "Impersonat e a Specific
User in Code". You'll have the username/password they used to log onto your
website, so just plug it in and have at it.
--Michael
"- Steve -" <se****@foundat ion.sdsu.edu> wrote in message
news:eZ******** ******@TK2MSFTN GP09.phx.gbl... That appears to be what I want to do.
I'm implementing the "Impersonat e the Authenticating User in Code" and I
have one small problem.
The second line of code is (this is in C#)
impersonationCo ntext =
((System.Securi ty.Principal.Wi ndowsIdentity)U ser.Identity).I mpersonate();
What the heck is User.Identity? I can't find the type or namespace? Is
this simply the username that is logged in. Should I be using
HttpContext.Cur rent.User.Ident ity.Name
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
"Raterus" <ra*****@spam.o rg> wrote in message
news:uC******** ******@tk2msftn gp13.phx.gbl...
Here is how you will need to do it, scroll down to "Impersonat e a Specific
User in Code"
http://support.microsoft.com/default...b;en-us;306158
--Michael
"- Steve -" <se****@foundat ion.sdsu.edu> wrote in message
news:OB******** ******@TK2MSFTN GP09.phx.gbl... I have forms based authentication working, using my Active Directory for
authentication.
I have a web page that creates a user in active directory. When I was
using IIS authentication it worked fine, now it doesn't. I'm assuming it's
running in the context of the IIS anonymous user. How can I get it to run as the user that logged in with the forms based authentication?
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
Now you've got me confused.
Over at the logon.aspx.cs I can access tbPassword.Text and get the plaint
text password.
Now I can store that in viewstate in logon.aspx.cs but then how would I
access it over at my createAccount.a spx.cs file?
Thanks for all the help by the way.
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
"Raterus" <ra*****@spam.o rg> wrote in message
news:OE******** ******@tk2msftn gp13.phx.gbl...
Save their password in the session right after they log in, it's safe there.
"- Steve -" <se****@foundat ion.sdsu.edu> wrote in message
news:Ol******** ********@tk2msf tngp13.phx.gbl. .. Well I can get there username with
HttpContexct.Cu rrent.User.Iden tity.Name, but how can I get their password? Remember I'm using forms based
authentication against my AD. If I can read their password somehow in
plain text then I'm home free. I had it in plain text back at the logon.aspx
page, but is there a safe way to send that over to another page or store
it somewhere that I can retrieve?
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
"Raterus" <ra*****@spam.o rg> wrote in message
news:%2******** ********@tk2msf tngp13.phx.gbl. ..
I think you are looking at the wrong example, you're looking at code for
IIS authenticated users, not Forms Authenticated users. You'd essentially be
impersonating the already impersonated user! That line of code you
mentioned is equilavent to <identity impersonate="tr ue"> in web.config,
and yes User.Identity is HttpContext.Cur rent.User.Ident ity.
But none of that really matters for Forms Authentication. For you, you
need to scroll down to the little bit more messy code, "Impersonat e a Specific
User in Code". You'll have the username/password they used to log onto
your website, so just plug it in and have at it.
--Michael
"- Steve -" <se****@foundat ion.sdsu.edu> wrote in message
news:eZ******** ******@TK2MSFTN GP09.phx.gbl... That appears to be what I want to do.
I'm implementing the "Impersonat e the Authenticating User in Code" and I
have one small problem.
The second line of code is (this is in C#)
impersonationCo ntext =
((System.Securi ty.Principal.Wi ndowsIdentity)U ser.Identity).I mpersonate();
What the heck is User.Identity? I can't find the type or namespace? Is
this simply the username that is logged in. Should I be using
HttpContext.Cur rent.User.Ident ity.Name
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
"Raterus" <ra*****@spam.o rg> wrote in message
news:uC******** ******@tk2msftn gp13.phx.gbl...
Here is how you will need to do it, scroll down to "Impersonat e a
Specific User in Code"
http://support.microsoft.com/default...b;en-us;306158
--Michael
"- Steve -" <se****@foundat ion.sdsu.edu> wrote in message
news:OB******** ******@TK2MSFTN GP09.phx.gbl... I have forms based authentication working, using my Active Directory
for authentication.
I have a web page that creates a user in active directory. When I was
using IIS authentication it worked fine, now it doesn't. I'm assuming it's
running in the context of the IIS anonymous user. How can I get it to
run as the user that logged in with the forms based authentication?
--
Steve Evans
Email Services
SDSU Foundation
(619) 594-0708
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Billy Jacobs |
last post by:
I have a website which has both secure and non-secure
pages. I want to uses forms authentication. How do I
accomplish this?
Originally I had my web.config file in the root with Forms
Authentication set up and it worked just fine. Then I
realized that I needed to have some pages unsecure.
I then created 2 directories. One named Secure and...
|
by: Nick |
last post by:
I am working a new application...well actually a series of applications for
my company. They want internal users to be able to go to a site and
everything regarding security is transparent, however we will have brokers
and customers that also need to connect and will require a username and
password. In this case we were going to store their...
|
by: techfuzz |
last post by:
I'm posting my problem experience and solution I found here for other
ASP.NET developers.
I have a web application that uses Forms Authentication with Active
Directory to control access. In this web application, I have search
page that utilizes the Windows Indexing Service (MSIDXS provider).
For reasons I'm not aware of at this time,...
|
by: Marty Underwood |
last post by:
Okay the subject line explains a scenario I just had to tackle but I am
looking for a better way.
The current way:
1) Use forms authentication.
2) Query Active Directory and bind to a user object if no exception create
custom authentication ticket.
3) But I also needed Role based security within the app. So I used SQL
server 2k DTS...
|
by: dhnriverside |
last post by:
Hi there
I'm using Windows Authentication to automatically recognise users in my web
app. However, I want directory to be password protected, so if they try to
visit the page in there, they MUST enter their password in a Windows Login
style popup (FOrms AUthentication).
I think I need to out another web.config in the directory with...
| | |
by: pjdouillard |
last post by:
Hello all,
Here is the context of my problem:
We have an ASP.NET 1.1 application that has its own application pool
setup and that runs under the identity of a NT Domain service account
(this is for security reason when accessing databases). We use the
Integrated Windows authentication to authenticate users, and we have
setup the...
|
by: Hriday |
last post by:
Hi there, Please help me..It is urgent
This is Hriday, working on windows authentication with
Active Directory...
My requirment is when a user sends a request to my web
Applicatoin I want to Pop up windows Authentication box so
that user will give his userId, Password & domain name for
authenticaion. After that I want to take these...
|
by: troywalker |
last post by:
I am new to LDAP and Directory Services, and I have a project that
requires me to authenticate users against a Sun Java System Directory
Server in order to access the application. I have found dozens of
examples of how to authenticate users against Active Directory, but AD
seems to be a different animal than Sun Java System Directory Server....
|
by: Max2006 |
last post by:
Hi,
We prefer ASP.NET Forms Authentication in our ASP.NET 3.5 application;
however we have to use Active Directory for user name and password storage.
Is that possible? Is there any sample application to do this?
Thank you,
Max
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language...
| | |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it. ...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...
| |
