I would approach this using the following:
Have a global function that checks the
request.serverVariables("Auth_User") to determine if the user is logged
in or not. AUTH_USER will return blank if the user is anonymous. Based
on the return of the function, show or hide content.
If the user is anonymous, give a link to a protected page for login.
The page can be protected in a subdirectory with a web.config that
denies anonymous access. When the user logs in, the protected page just
redirects to where they came from
(request.servervariables("http_referer"))
I'm not sure how you handle your roles (database, XML, or Active
Directory), but you could create a genericIdentity and store it in
session when the user is authenticated or when the session starts
(depending on whether they entered anonymously or logged in previously).
Then you could use the IsInRole() to show or hide content. You will be
putting some code in the globabl.asax file to check the user roles if
you go this route.
The multiple directory solution is not a solution and will kill you in
short time.
----
700cb Development, Inc.
http://www.700cb.net
..NET utilities, developer tools,
and enterprise solutions
"Kjell Kristiansson" <kj******@hotmail.com> wrote in
news:eO**************@TK2MSFTNGP14.phx.gbl:
In developing a solution I ran into a problem where I have found no
acceptable solution. The problem is combining users with anonymous
login and
users logged in to a domain in the same .aspx application.
Here is some background:
- the application will be accessable from the Internet, extranet and
intranet.
- no logon required but then you get limited information/functionality
- if you'r not logged on you will be provided an option to log on
- users already logged on to the domain should not need to logon in
app - different groups of users get different
information/functionality - the app needs to read from the directory
- Win2k server, ASP.NET 1.1, VB/C#
This must be a fairly common problem but still I have found no
acceptable way to do this. I can solve it by splitting the solution to
different directories with different authority, having an open
startpage to do the analysiz etc.
Kjell K.
PS I have already asked a similar question in the security group