I
InspektorDerrick
Hi,
I'm new in ASP.NET and I've got a question about authentication in an
intranet application:
I want to authentify and authorize the user by a database. Authentication
should work like this:
1. evaluate the windows username
2. check if user exists in database
yes -> new customIdentiy (IsAuthenticated = true), new customPrincipal
(roles from database)
no -> 3.
3. redirect to logon form
4. check if the user exists in database
yes -> new customIdentiy (IsAuthenticated = true), new customPrincipal
(roles from database)
no -> securityexception or redirect
The problem is, if I use Windows-Authentication I may not change
Principal(?), if I use Forms-Authentication I cannot get the windows-user
from step 1 (?)
I'm new in ASP.NET and I've got a question about authentication in an
intranet application:
I want to authentify and authorize the user by a database. Authentication
should work like this:
1. evaluate the windows username
2. check if user exists in database
yes -> new customIdentiy (IsAuthenticated = true), new customPrincipal
(roles from database)
no -> 3.
3. redirect to logon form
4. check if the user exists in database
yes -> new customIdentiy (IsAuthenticated = true), new customPrincipal
(roles from database)
no -> securityexception or redirect
The problem is, if I use Windows-Authentication I may not change
Principal(?), if I use Forms-Authentication I cannot get the windows-user
from step 1 (?)