Windows Authentication

[Jeff Robinson]

I am interested in building a site with integrated windows authentication
using acl groups. Is it possible without having users and roles defined in
the database or is windows authentication, within asp.net, intended to
validate the user and pass the user to the defined joined users/roles in the
db thereby giving certain access to areas of the site?

Is there any good resources on window authentication and asp.net anyone can
recommend ?

Thanks,
Jeff

 

[Chris Jackson]

With ASP.NET, you face a more complicated identity matrix, which is
described here:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetAP05.asp

If you want to authenticate your application using windows authentication,
but have a single account access the database, you can configure IIS to use
anonymous authentication with a domain account, use windows authentication
for ASP.NET, and set impersonation to true. As a result, you will be using
local ACLs to control access to your site, but the domain account that IIS
is running under any time that you make a request to another server.

 

[Me2]

Additionally, look at this MSDN article:

http://msdn.microsoft.com/library/d...tml/cpconTheWindowsAuthenticationProvider.asp