473,382 Members | 1,639 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > authentication as signature

Join Bytes to post your question to a community of 473,382 software developers and data experts.

Authentication as signature

I am working on an intranet and have a web app that I need to use
authentication for signing a document.

As an organization we have decided that a username and date/time stamp
would be sufficient to be considered a signature.

On some pages data is submitted and I'm just concerned about capturing
the username. On other pages I'm very concerned that the person
submitting data is really the person who is logged into the machine
(2003 server Active Directory). When they submit data on these pages I
would like to reprompt for password. To get to these pages it would be
nice if I could not prompt for the password and use NTSF permissions to
allow them access without prompting for password.

Any ideas on how to do this would be GREATLY appreciated.

Thanks,
Greg

Nov 19 '05 #1
3 1044
Hi Greg:

You can have your asp.net application use Windows authentication and
impersonate the client's identity. Impersonation would allow you to
use NTFS permissions to perform authorization. Your web.config would
look something like:

....
<authentication mode="Windows" />
<authorization>
<deny users="?"/> <!-- no anonymous users -->
<allow users="*">
</authorization>
<identity impersonate="true" />
....

Some more details are available here:
http://msdn.microsoft.com/library/de...SecNetch03.asp

--

Scott
http://www.OdeToCode.com/blogs/scott/
On 11 Feb 2005 01:38:38 -0800, yz******@gmail.com wrote:
I am working on an intranet and have a web app that I need to use
authentication for signing a document.

As an organization we have decided that a username and date/time stamp
would be sufficient to be considered a signature.

On some pages data is submitted and I'm just concerned about capturing
the username. On other pages I'm very concerned that the person
submitting data is really the person who is logged into the machine
(2003 server Active Directory). When they submit data on these pages I
would like to reprompt for password. To get to these pages it would be
nice if I could not prompt for the password and use NTSF permissions to
allow them access without prompting for password.

Any ideas on how to do this would be GREATLY appreciated.

Thanks,
Greg


Nov 19 '05 #2
I reviewed the posted document. Thanks for the link.

The other item I asked about was how to prompt for password in
sensitive pages.

I don't care if any authorized user enters data on the page, but based
on the data entered, I would like to ask them to enter their password
to authenticate the data before posting to the DB.

Thanks,
Greg

Nov 19 '05 #3
You could use some code from the following chapter to validate a
username/password against active directory:

http://msdn.microsoft.com/library/de...l/secmod16.asp

All you'll need then is to design a form to allow the user to type in
a password.

--
Scott
http://www.OdeToCode.com/blogs/scott/

On 11 Feb 2005 08:43:29 -0800, yz******@gmail.com wrote:
I reviewed the posted document. Thanks for the link.

The other item I asked about was how to prompt for password in
sensitive pages.

I don't care if any authorized user enters data on the page, but based
on the data entered, I would like to ask them to enter their password
to authenticate the data before posting to the DB.

Thanks,
Greg


Nov 19 '05 #4
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
php authentication
by: dave | last post by:
Hello, I'm trying to get php authentication going both on a Linux rh9 box and two *bsd systems. In none of these cases is it working as passwords are shadowed and i don't want to make the shadowed...
PHP
0
Digest Authentication (RFC 2831)
by: Jp Calderone | last post by:
I've been trying to implement support for this authentication scheme for a little while now, and in the last couple days I've been completely stumped. I know about the digest authentication code...
Python
7
how password is stored and check the authentication??
by: jrefactors | last post by:
I want to ask how password is stored and how to check the authentication? I have heard password is never encrypted and decrypted, but it is hashed. For example, consider a simple email logon...
C / C++
2
ODBC, SQL and Access: File DSN ignores authentication settings
by: Tina Robichaux | last post by:
I have found info on this problem at MS, but they say this problem does not occur with SQL 2K and MDAC 2.6 SP2, yet I am still experiencing it: I have a SQL user specifically created to SELECT...
Microsoft Access / VBA
0
ASP.NET Forms Authentication Best Practices
by: Anonieko Ramos | last post by:
ASP.NET Forms Authentication Best Practices Dr. Dobb's Journal February 2004 Protecting user information is critical By Douglas Reilly Douglas is the author of Designing Microsoft ASP.NET...
ASP.NET
20
ident authentication problem
by: Shanta McBain | last post by:
Hi I am running Mandrake 10 and would like to get sql-ledger to access the database. I can get in to the database with a local user at the command prompt and Web Admin. sql-ledger returns...
PostgreSQL Database
2
eror authentication mode = ....
by: wiktor.dzierzecki | last post by:
I try to build a simple web aplication in ASP.NET in Visual Studio 5. When I run finished web aplication from inside VS5: localhost:1675/test2/Default.aspx everything is OK, works good. But when...
ASP.NET
0
Authentication: multiple auth types for one site
by: stevecnz | last post by:
I'm looking for feedback on an authentication solution we are considering for an ASP.NET 2.0 project. The site will be accessed by both internal users who are logged into the Windows domain, and...
ASP / Active Server Pages
1
Re: urllib2 Basic authentication, what am I doing wrong?
by: Max Erickson | last post by:
On Apr 13, 2:11 pm, Michel Bouwmans <mfb.chikaz...@gmail.comwrote: I've attempted to use a password manager and auth manager and failed in the past, so this is only a guess, but presumably,...
Python
1
Cloud Servers without Credit Card and Email Registration: A Simpler Way to Get on the Cloud
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
General
0
isladogs
Access Europe: Command bars, the Access Shortcut Tool and a simple Audit Log - Wed 3 April
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...
General
0
One-click Importing Excel Data into a*Database
by: ryjfgjl | last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
Microsoft Excel
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!