Julia Beresford
Hi
I am setting about implementing security in my Web Application. I want to
use Forms authentication and Active Directory (it’s a project requirement).
However I’m getting confused about the right way to do this. Here are some
questions I’m coming up with:
What is the difference between calling LogonUser and querying the UserName
and Password against Active Directory?
Do I want my application to ‘impersonate’ the user who logs on (by using the
token from LogonUser)?
My plan was to query the user name and pw against AD and retrieve
information about that user, i.e. what groups they are a member of. Using
this group information I would then know what rights they do/don’t have
within my application. Is this approach an acceptable one?
Many thanks for any thoughts/comments on this.
Julia Beresford
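
The plan described in the post (check the credentials against AD, read the user's groups, map the groups to application rights), as an added example that is not part of the original post. The group names, right names, 30-minute lifetime and the `AdFormsLogin` class are assumptions; it also assumes a domain-joined server, references to System.DirectoryServices.AccountManagement and System.Web, and a process identity that may read the directory.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices.AccountManagement;
using System.Linq;
using System.Web.Security;

public static class AdFormsLogin // hypothetical helper, not a framework type
{
    // Assumed mapping from AD group names to application rights.
    static readonly Dictionary<string, string> GroupToRight =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
        {
            { "App-Admins",  "admin" },
            { "App-Editors", "edit"  },
            { "App-Readers", "read"  },
        };

    // Pure mapping step: groups that are not listed grant nothing (deny by default).
    public static string[] RightsFor(IEnumerable<string> groups)
    {
        return groups.Where(g => g != null && GroupToRight.ContainsKey(g))
                     .Select(g => GroupToRight[g])
                     .Distinct().OrderBy(r => r).ToArray();
    }

    // Returns an encrypted Forms ticket carrying the rights, or null on failure.
    public static string Login(string domain, string user, string password)
    {
        using (var ctx = new PrincipalContext(ContextType.Domain, domain))
        {
            // Binds to the directory and returns only true/false; it yields
            // no logon token, so nothing here impersonates the user.
            if (!ctx.ValidateCredentials(user, password)) return null;

            using (var p = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, user))
            {
                if (p == null) return null;
                // Security groups only, resolved recursively (nested groups included).
                var groups = p.GetAuthorizationGroups().Select(g => g.SamAccountName);
                var rights = RightsFor(groups);
                if (rights.Length == 0) return null; // authenticated, but no rights here

                var ticket = new FormsAuthenticationTicket(1, user, DateTime.Now,
                    DateTime.Now.AddMinutes(30), false, string.Join(",", rights));
                return FormsAuthentication.Encrypt(ticket);
            }
        }
    }
}
```

The login page would place the returned string in a cookie named `FormsAuthentication.FormsCookieName`, marked Secure and HttpOnly, and later requests read the rights back from the decrypted ticket's `UserData`.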