0

I have two text boxes (user and password) and drop-down list (domain) to authenticate user using Adcive Directory and database. Now when user clicks "Login" button his credentials are checked in Active Directory and if its authinticated, next method checks if user exists in database and checs its role. I would like to remove the logon page and enable automatically authentication using Windows authentication. I have changed the web.config file and chenged

<authentication mode="Forms">
  <forms loginUrl="~/LogIn.aspx" timeout="60" name="AuthCookie"/>
</authentication>

to

<authentication mode="Windows"></authentication>
<identity impersonate="true"/>

Now I would like to know how can I check if user exists in the database and check its role?

Thank you for your replies.

Improve this question
5
  • Using Windows Authentication will cause your application to query Active Directory, not your existing user database. Commented Sep 30, 2013 at 16:59
  • 1
    You probably don't want to use impersonation. Impersonation makes the worker process run as the logged in user, which means it will try to connect to the database as the windows user. Unless you've defined roles to allow the user to access the database, this probably isn't what you want. Commented Sep 30, 2013 at 17:47
  • @GarrisonNeely - i thought so but wasnt sure about that. Commented Sep 30, 2013 at 17:53
  • @Mystere Man - I have functional ID which connects to the database. Generally my point is to combine windows authentication with checking if user exists in database. Commented Sep 30, 2013 at 17:55
  • I have no idea what you mean by "functional id". The point I was making was that if you use impersonation, then IIS connects to the database using the credentials of whatever user is logged in, not the credentials of the application. Commented Sep 30, 2013 at 19:29

1 Answer 1

Reset to default
1

You'll need to implement your own authentication provider that will wrap both an AD backend and your own application's account database. You'll want to disable IIS' built-in Windows Authentication provider because your version will provide the implementation to use.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

@ironcurtain No, not really - I described an approach. The implementation depends on your existing infrastructure, so it would be impossible for me to write any code for it because you haven't provided sufficient detail.
If you wish I can provide You some details (eg. code I've already wrote). Just let me know what would be the best for you. Thanks
@ironcurtain You'd have to pay me too, my rate is $120USD/hour :)

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.