I am looking to build an intranet, that publishes certain info to the web. I need to combine windows and forms authentication.
It seems you must choose one, and hack the other [Nope]
Does anyone know how to do a decent (and secure!) implementation? Ideally I'd like the benefit of Roles etc to remain for both method of authentication.
I am looking to build an intranet, that publishes certain info to the web. I need to combine windows and forms authentication.
Hi
Base on my understanding, you not only want to authenticate user in Intranet with windows authentication, but also check Internet user using Forms authentication. Here is a good tutorial on how to validate user with Mixing Forms and Windows Security in ASP.NET.
Hope it helps
Ideally I'd like the benefit of Roles etc to remain for both method of authentication.
Are you using SqlRoleProvider? If so, ASP.NET will check the roles of current login user against database no matter which authentication type
Best Regards
XiaoYong Dai
Microsoft Online Community Support
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
I have the same problem and the link you've provided is nice, but unfortunatelly does not explain the case when we need to retrieve roles associated with user from Active Directory .
I got it working. I don't know if its the best implementation (comments welcome [:)]), but it seems to work as per normal with role-based authentication. The trick is to assign the role to the full loginname, e.g. NAMEOFDOMAIN\Username, otherwise it doesn't
stick.
Partial Class administrator_rolemanager
Inherits System.Web.UI.Page
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Not Page.IsPostBack Then
DropDownList1.DataSource = Membership.GetAllUsers()
DropDownList1.DataTextField = "Username"
DropDownList1.DataTextFormatString = ("NAMEOFYOURDOMAINHERE\" & "{0}")
DropDownList1.DataBind()
cblRoles.DataSource = Roles.GetAllRoles()
cblRoles.DataBind()
End If
End Sub
Protected Sub Button2_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button2.Click
'Update button
Dim Item As ListItem
For Each Item In cblRoles.Items
If Item.Selected Then
'If not already in role, add to role
If Roles.IsUserInRole(DropDownList1.SelectedValue, Item.Text) = False Then
Roles.AddUserToRole(DropDownList1.SelectedValue, Item.Text)
End If
Else
'If not already out of role, remove from role
If Roles.IsUserInRole(DropDownList1.SelectedValue, Item.Text) = True Then
Roles.RemoveUserFromRole(DropDownList1.SelectedValue, Item.Text)
End If
End If
Next
Dim roleItem As ListItem
For Each roleItem In cblRoles.Items
If Roles.IsUserInRole(DropDownList1.SelectedValue, roleItem.Text) = True Then
roleItem.Selected = True
Else
roleItem.Selected = False
End If
Next
End Sub
Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
'Go button
Dim roleItem As ListItem
For Each roleItem In cblRoles.Items
If Roles.IsUserInRole(DropDownList1.SelectedValue, roleItem.Text) = True Then
roleItem.Selected = True
Else
roleItem.Selected = False
End If
Next
End Sub
Connexity
Member
34 Points
45 Posts
Combining windows and forms authentication in an Asp.NET 3.5 website
Feb 21, 2008 02:48 PM|LINK
Hi there,
I am looking to build an intranet, that publishes certain info to the web. I need to combine windows and forms authentication.
It seems you must choose one, and hack the other [Nope]
Does anyone know how to do a decent (and secure!) implementation? Ideally I'd like the benefit of Roles etc to remain for both method of authentication.
Thanks,
Derick
XiaoYong Dai...
All-Star
38310 Points
4229 Posts
Re: Combining windows and forms authentication in an Asp.NET 3.5 website
Feb 25, 2008 10:55 AM|LINK
Hi
Base on my understanding, you not only want to authenticate user in Intranet with windows authentication, but also check Internet user using Forms authentication. Here is a good tutorial on how to validate user with Mixing Forms and Windows Security in ASP.NET. Hope it helps
http://msdn2.microsoft.com/en-us/library/ms972958.aspx
Are you using SqlRoleProvider? If so, ASP.NET will check the roles of current login user against database no matter which authentication type
XiaoYong Dai
Microsoft Online Community Support
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Neno
Member
25 Points
85 Posts
Re: Combining windows and forms authentication in an Asp.NET 3.5 website
Feb 26, 2008 01:55 PM|LINK
Hi,
I have the same problem and the link you've provided is nice, but unfortunatelly does not explain the case when we need to retrieve roles associated with user from Active Directory .
There's also a nice article under http://www.15seconds.com/issue/050203.htm , but fully applicable only to .NET 1.1 and not for later versions (what is wanted now).
So, how to retrieve roles associated with user from Active Directory ?
Best regards,
Neno
Connexity
Member
34 Points
45 Posts
Re: Combining windows and forms authentication in an Asp.NET 3.5 website
Feb 26, 2008 02:54 PM|LINK
Hi there,
I got it working. I don't know if its the best implementation (comments welcome [:)]), but it seems to work as per normal with role-based authentication. The trick is to assign the role to the full loginname, e.g. NAMEOFDOMAIN\Username, otherwise it doesn't stick.
web.config
<connectionStrings>
<add name="ADConnString"
connectionString="LDAP://yourdetailshere.local/DC=yourdetailshere,DC=local"/>
<add name="SqlServices"
connectionString="Data Source=...;Initial Catalog=Helpdesk;Integrated Security=True"
providerName="System.Data.SqlClient"/>
</connectionStrings>
<membership defaultProvider="AspNetActiveDirectoryMembershipProvider">
<providers>
<clear/>
<add name="AspNetActiveDirectoryMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnString"
connectionUsername="USERNAME"
connectionPassword="PASSWORD"
attributeMapUsername="SAMAccountName"
enableSearchMethods="true"/>
</providers>
</membership>
<roleManager enabled="true">
<providers>
<clear/>
<add name="AspNetSqlRoleProvider"
connectionStringName="SqlServices"
applicationName="/"
type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
</providers>
</roleManager>
rolemanager.aspx
<table cellpadding="0" cellspacing="0" style="width: 100%">
<tr>
<td valign="middle">
<asp:DropDownList ID="DropDownList1" runat="server">
</asp:DropDownList>
<asp:Button ID="Button1" runat="server" Text="Go" />
</td>
</tr>
<tr>
<td>
</td>
</tr>
<tr>
<td>
<asp:CheckBoxList ID="cblRoles" runat="server">
</asp:CheckBoxList>
<br />
<asp:Button ID="Button2" runat="server" Text="Update" />
</td>
</tr>
<tr>
<td>
</td>
</tr>
<tr>
<td>
<asp:BulletedList ID="BulletedList1" runat="server">
</asp:BulletedList>
</td>
</tr>
</table>
rolemanager.aspx.vb
Partial Class administrator_rolemanager
Inherits System.Web.UI.Page
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Not Page.IsPostBack Then
DropDownList1.DataSource = Membership.GetAllUsers()
DropDownList1.DataTextField = "Username"
DropDownList1.DataTextFormatString = ("NAMEOFYOURDOMAINHERE\" & "{0}")
DropDownList1.DataBind()
cblRoles.DataSource = Roles.GetAllRoles()
cblRoles.DataBind()
End If
End Sub
Protected Sub Button2_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button2.Click
'Update button
Dim Item As ListItem
For Each Item In cblRoles.Items
If Item.Selected Then
'If not already in role, add to role
If Roles.IsUserInRole(DropDownList1.SelectedValue, Item.Text) = False Then
Roles.AddUserToRole(DropDownList1.SelectedValue, Item.Text)
End If
Else
'If not already out of role, remove from role
If Roles.IsUserInRole(DropDownList1.SelectedValue, Item.Text) = True Then
Roles.RemoveUserFromRole(DropDownList1.SelectedValue, Item.Text)
End If
End If
Next
Dim roleItem As ListItem
For Each roleItem In cblRoles.Items
If Roles.IsUserInRole(DropDownList1.SelectedValue, roleItem.Text) = True Then
roleItem.Selected = True
Else
roleItem.Selected = False
End If
Next
End Sub
Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
'Go button
Dim roleItem As ListItem
For Each roleItem In cblRoles.Items
If Roles.IsUserInRole(DropDownList1.SelectedValue, roleItem.Text) = True Then
roleItem.Selected = True
Else
roleItem.Selected = False
End If
Next
End Sub
End Class