We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now

x

Authenication of Internet Web Page Users

RX87325
RX87325 asked
on
Medium Priority
340 Views
Last Modified: 2008-02-01
My Configuration:  
          Novell Client 4.90 SP2
          Window Server 2000
          Internet Information Services 5.0
          ASP based web pages
          Intranet only (behind a firewall)

My Limitations:
          Zero experience using Novell

My Problem:
          I need to open my web pages up to only authenticated internet users  and secure my web pages.

My Question:
          Can I use existing Novell accounts to validate internet users via ASP?
Comment
Watch Question

Commented:
You could use the Novell LDAP library for C#
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=http--wwwnovellcom-coolsolutions-qna-11263html&sliceId=&dialogID=16818306&stateId=0%200%2016814671
I presume by "Novell account" you mean "Novell Netware eDirectory account"?

If you ever decide to upgrade your hosting platform from the legacy Windows operating system, mod_ldap, mod_ldap_auth, and mod_edir for Apache can be setup to do LDAP over SSL in about 5 minutes.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
CERTIFIED EXPERT
Commented:
<pet peeve>

"Novell" is a company. It makes a number of products, including "SUSE Linux", "eDirectory", "Identity Manager" and "NetWare". You didn't write "Microsoft Server 2000", did you?

</pet peeve>

As alexoft has mentioned, you could use the C# NDK to code the calls in the ASP to authenticate against eDirectory through the LDAP interface. Note that the eDirectory environment is no different than any other platform providing services - the LDAP functionality needs to be installed/enabled/configured/whatever. If you're not the admin of the eDirectory environment, then you need to talk to the person who is and find out how to architect your LDAP connection - some example questions could include:

1) Are you going to do an Anonymous Bind (easier), or do you need to authenticate before you query (more secure)?
2) Is the LDAP interface configured for SSL (let's hope it is, especially if you're not doing Anonymous Binds)?
3) What is the Base DN?

LDAP is, of course, not the only interface available for eDirectory, but as long as you're stuck on the Windoze platform, it's probably the best route if the scale is small.
CERTIFIED EXPERT
Commented:
There are other APIs available as well, and I think there may even be some ASP stuff out on devnet.

If you choose to do LDAP, make sure you do secure LDAP so the auth traffic has some encryption going on, and keep in mind that the "CN=x,OU=x,DC=x,DC=x" notation that's the only one Microsoft talks about is used only when your tree structure is based on DNS rather than true x.500 hierarchy. You need to use "normal" x.500 naming for your LDAP lookups where the top level is "O" instead of "DC".
Commented:
Here is a link to the Novell Developer site and some sample code for verifying user/password against NDS.
It requires the Novell ActiveX Controls to create the NWDir and NWSess objects.

http://developer.novell.com/wiki/index.php/TID102274_%28aspverif%29_Sample_code_demonstrating_how_to_verify_user_agains_NDS_from_IIS-ASP

Author

Commented:
I found a software vendor call Stoneware that provides the functionallity I needed.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.