Hi,
I would just go for the LDAP authentication of the users. Then just use a method or something called: CheckUserAccess(username) (this is just a method I made up!)
I do almost something simular in a webapplication. For this I override the login event:
Protected Sub LoginControl_Authenticate(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.AuthenticateEventArgs) Handles LoginControl.Authenticate
If ValidateUser(Me.LoginControl.UserName, Me.LoginControl.Password) Then
If UserInAppDb(Me.LoginControl.UserName) Then
e.Authenticated = True
Else
e.Authenticated = False
Me.LoginControl.FailureText = "You are not known in the application DataBase. Please contact IT Helpdesk."
End If
Else
e.Authenticated = False
Me.LoginControl.FailureText = "You are not an Authenticated User. Please contact IT Helpdesk."
End If
End Sub
You can find the validateUser method in the System.Web.Security.Membership. The UserInAppDb is my custom method that checks to see if the user has access to the application.
Kind regards,
Wim
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.