I'm trying to create a site security strategy that will allow authenticated AD users hit a site, without a login page, and deny access to users who are not authenticated. I have developed a proof-of-concept site based on http://www.christowles.com/2011/04/aspnet-forms-based-authentication-with.html but all I can make it do is authenticate against an Active Directory Membership Provider via a login page. I'd like to avoid that whole login thing. Does any one have any advice as to how I go about this?
christopher.baker.969952 0 Newbie Poster
JorgeM 958 Problem Solver Team Colleague Featured Poster
Yes, I've used that example from that site myself as well.
If you want to avoid the login process all together, you dont have to integrate your intranet site with Active Directory in that manner. Since you are developing an asp.net application, the assumption here is that you are running this on an Windows Server running IIS. If you disable anonymous authentication, and enable Windows Authentication in the web site settings, you can get the user's credentials in your asp.net code. A user's browser will send the currently logged on user's credentials to the web server in the form of domain\username.
In your asp.net code, you access this information as follows:
VB example...
Dim CurrentUser as String = User.Identity.Name
If you do need additional information after you have collected the user's login credentials, you could peform a lookup in Active Directory to retrieve the user's name, email addresss, and other attributes using DirectoryEntry and DirectorySearcher objects.
|-|x 126 Junior Poster in Training
I think what you are looking for is Windows authentication rather than Forms authentication.
You can set this in the web.config file as
<system.web>
<authentication mode="Windows"/>
</system.web>
You can read some about this on MSDN - you wont need to worry about impersonation unless the website needs to access restricted resources such as server shared directories.
annaharris 0 Junior Poster in Training
Setting the authentication mode to Windows may solve your problem.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.