473,326 Members | 2,133 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,326 software developers and data experts.

ASP.NET web application and authentication

Hi

I was thinking about administering a web application written in ASP.NET
(C#). when the authentication mode is set to "Windows", do all users within
that particular domain have access? how do you decide who has access? which
domain has access?

eg. if the web server exists in the domain "GJDOM", then will all users in
this domain have access?
And if i were to block access to user "GJDOM\frank" how would i do that?
The other side is; if i wanted to give access to "GJDOM2\anotherfrank" how
would i do that?

adding the <allow> and <deny> nodes could prove to be a bit tedious.

Thanks
Jason
Nov 15 '05 #1
3 1645
Jason,

If you set the authentication mode to Windows, then any domain in the
network should have access to the site. The reason for this is that the
domain can be added before the username and then the user can log in.

By default, all pages in your site will be viewable by anyone connecting
to it. What you want to do is modify the contents of the web.config file,
and modify <authorization> tag so that you limit only the users/groups that
you want to your application.

If this doesn't meet your needs, you can always implement the
IAuthenticationModule interface and register it (by modifying the web.config
file) so that you handle the authentication on your own (you can then use
Windows authentication, but fail the authentication on those you don't want
accessing your site. This bends the definition of authentication and
authorization somewhat, though).

Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com

"Jason" <c_*******@mighty.co.za> wrote in message
news:Oo**************@TK2MSFTNGP11.phx.gbl...
Hi

I was thinking about administering a web application written in ASP.NET
(C#). when the authentication mode is set to "Windows", do all users within that particular domain have access? how do you decide who has access? which domain has access?

eg. if the web server exists in the domain "GJDOM", then will all users in
this domain have access?
And if i were to block access to user "GJDOM\frank" how would i do that?
The other side is; if i wanted to give access to "GJDOM2\anotherfrank" how
would i do that?

adding the <allow> and <deny> nodes could prove to be a bit tedious.

Thanks
Jason

Nov 15 '05 #2
Yeh, helps thanks!

"so that you limit only the users/groups that you want to your application."
is this users/groups on the web server or on the domain?

My scenario is that clients should be able to administer their own web
server, therefore selecting which users have access. whats the best solution
for this? users must not have to input passwords.

Thanks again
Jason

"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard.caspershouse.com> wrote in
message news:Ol****************@tk2msftngp13.phx.gbl...
Jason,

If you set the authentication mode to Windows, then any domain in the
network should have access to the site. The reason for this is that the
domain can be added before the username and then the user can log in.

By default, all pages in your site will be viewable by anyone connecting to it. What you want to do is modify the contents of the web.config file,
and modify <authorization> tag so that you limit only the users/groups that you want to your application.

If this doesn't meet your needs, you can always implement the
IAuthenticationModule interface and register it (by modifying the web.config file) so that you handle the authentication on your own (you can then use
Windows authentication, but fail the authentication on those you don't want accessing your site. This bends the definition of authentication and
authorization somewhat, though).

Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com

"Jason" <c_*******@mighty.co.za> wrote in message
news:Oo**************@TK2MSFTNGP11.phx.gbl...
Hi

I was thinking about administering a web application written in ASP.NET
(C#). when the authentication mode is set to "Windows", do all users

within
that particular domain have access? how do you decide who has access?

which
domain has access?

eg. if the web server exists in the domain "GJDOM", then will all users in this domain have access?
And if i were to block access to user "GJDOM\frank" how would i do that?
The other side is; if i wanted to give access to "GJDOM2\anotherfrank" how would i do that?

adding the <allow> and <deny> nodes could prove to be a bit tedious.

Thanks
Jason


Nov 15 '05 #3
Jason,

If you want to do this, then you should have your implementation of the
authentication manager query some sort of database (or other persistant
storage) to check which root they are trying to access. If they are trying
to access an invalid route, then you cheat, and say they are not
authenticated (which is a lie, because they are authenticated, not
authorized).
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com
"Jason" <c_*******@mighty.co.za> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
Yeh, helps thanks!

"so that you limit only the users/groups that you want to your application." is this users/groups on the web server or on the domain?

My scenario is that clients should be able to administer their own web
server, therefore selecting which users have access. whats the best solution for this? users must not have to input passwords.

Thanks again
Jason

"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard.caspershouse.com> wrote in message news:Ol****************@tk2msftngp13.phx.gbl...
Jason,

If you set the authentication mode to Windows, then any domain in the
network should have access to the site. The reason for this is that the
domain can be added before the username and then the user can log in.

By default, all pages in your site will be viewable by anyone connecting
to it. What you want to do is modify the contents of the web.config file, and modify <authorization> tag so that you limit only the users/groups

that
you want to your application.

If this doesn't meet your needs, you can always implement the
IAuthenticationModule interface and register it (by modifying the

web.config
file) so that you handle the authentication on your own (you can then use Windows authentication, but fail the authentication on those you don't

want
accessing your site. This bends the definition of authentication and
authorization somewhat, though).

Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com

"Jason" <c_*******@mighty.co.za> wrote in message
news:Oo**************@TK2MSFTNGP11.phx.gbl...
Hi

I was thinking about administering a web application written in ASP.NET (C#). when the authentication mode is set to "Windows", do all users

within
that particular domain have access? how do you decide who has access?

which
domain has access?

eg. if the web server exists in the domain "GJDOM", then will all users in this domain have access?
And if i were to block access to user "GJDOM\frank" how would i do
that? The other side is; if i wanted to give access to "GJDOM2\anotherfrank"

how would i do that?

adding the <allow> and <deny> nodes could prove to be a bit tedious.

Thanks
Jason



Nov 15 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: robert | last post by:
How do I get a remote XP Pro computer user on one domain to access and run a ..NET application on a different domain? Scenario: I was given a .NET application on domain (B) that I need to allow...
2
by: mark | last post by:
Can't figure this one out. I appears to not be code related. After surfing my asp.net web app for a while 5 - 10 min. it fails to open any further connections to my access 2000 database. There...
4
by: tommy | last post by:
hello everbody, i write a little asp-application with forms-authentication. i copy my aspx-files with web.config to my webspace and i get the error above... i tried to set the...
2
by: MW | last post by:
Hi, I'm trying to secure my application. I'm using forms authentication and I check passwords against a database. I have a login.aspx page in the root of my application, pages that I want...
4
by: pjdouillard | last post by:
Hello all, Here is the context of my problem: We have an ASP.NET 1.1 application that has its own application pool setup and that runs under the identity of a NT Domain service account (this...
2
by: Wiktor Zychla [C# MVP] | last post by:
Hi, I struggle for over an hour with the integrated Cassini web server. the problem I am facing is as follows: when I turn forms authentication on in the web.config file, the website seems to...
7
by: Alice Wong | last post by:
I am setting up my Web ASP.net application to connect to Sql server using windows authentication. I set up IIS to have integrated windows authenication and sql to allow Windows authentication....
1
by: whitehorse | last post by:
When the warehousecontroller service is invoked, the following error message is sent to the application log: Event Type: Error Event Source: TFS Warehouse Event Category: None Event ID: 3000...
5
by: isideveloper | last post by:
I'm building a new C# web application that will provide my company some administrative operations that were previously only completed by tweaking the data in the database. 1. Encrypted password...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.