Last post Mar 16, 2016 10:17 AM by Mikesdotnetting
Mar 16, 2016 07:32 AM|Cudran|LINK
I have a website which uses Windows Authentication. I need to restrict access to only a few users, who are present in a local database. How can I achieve it? For example, my database has "domain\user1", only user1 should be allowed. "domain\user2", "domain\user3"
..... should not be allowed.
Thanks in advance
Mar 16, 2016 08:19 AM|Mikesdotnetting|LINK
Probably the most straightforward way is to create a role on the server and then add your selected users to it, and then check to see if the current user belongs to your special role:
//boot them out
Mar 16, 2016 09:53 AM|Cudran|LINK
Thanks Mike, but the requirement is that the list of authorized users ("domainname\username") will be in a database. We'll have to allow only these users. We cannot create roles as we do not have access.
Mar 16, 2016 10:17 AM|Mikesdotnetting|LINK
I would query the database for the list of approved users at application startup and cache the resulting data (as a list, Datatable, whatever) and then query that to see if the current user is in the list. If they are not on the list,.... you know the rest.