Solved

Authenication of Internet Web Page Users

Posted on 2006-11-07
5
284 Views
Last Modified: 2008-02-01
My Configuration:  
          Novell Client 4.90 SP2
          Window Server 2000
          Internet Information Services 5.0
          ASP based web pages
          Intranet only (behind a firewall)

My Limitations:
          Zero experience using Novell

My Problem:
          I need to open my web pages up to only authenticated internet users  and secure my web pages.

My Question:
          Can I use existing Novell accounts to validate internet users via ASP?
0
Comment
Question by:RX87325
5 Comments
 
LVL 19

Assisted Solution

by:alextoft
alextoft earned 125 total points
ID: 17887656
You could use the Novell LDAP library for C#
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=http--wwwnovellcom-coolsolutions-qna-11263html&sliceId=&dialogID=16818306&stateId=0%200%2016814671
I presume by "Novell account" you mean "Novell Netware eDirectory account"?

If you ever decide to upgrade your hosting platform from the legacy Windows operating system, mod_ldap, mod_ldap_auth, and mod_edir for Apache can be setup to do LDAP over SSL in about 5 minutes.
0
 
LVL 34

Assisted Solution

by:PsiCop
PsiCop earned 125 total points
ID: 17889862
<pet peeve>

"Novell" is a company. It makes a number of products, including "SUSE Linux", "eDirectory", "Identity Manager" and "NetWare". You didn't write "Microsoft Server 2000", did you?

</pet peeve>

As alexoft has mentioned, you could use the C# NDK to code the calls in the ASP to authenticate against eDirectory through the LDAP interface. Note that the eDirectory environment is no different than any other platform providing services - the LDAP functionality needs to be installed/enabled/configured/whatever. If you're not the admin of the eDirectory environment, then you need to talk to the person who is and find out how to architect your LDAP connection - some example questions could include:

1) Are you going to do an Anonymous Bind (easier), or do you need to authenticate before you query (more secure)?
2) Is the LDAP interface configured for SSL (let's hope it is, especially if you're not doing Anonymous Binds)?
3) What is the Base DN?

LDAP is, of course, not the only interface available for eDirectory, but as long as you're stuck on the Windoze platform, it's probably the best route if the scale is small.
0
 
LVL 35

Assisted Solution

by:ShineOn
ShineOn earned 125 total points
ID: 17891865
There are other APIs available as well, and I think there may even be some ASP stuff out on devnet.

If you choose to do LDAP, make sure you do secure LDAP so the auth traffic has some encryption going on, and keep in mind that the "CN=x,OU=x,DC=x,DC=x" notation that's the only one Microsoft talks about is used only when your tree structure is based on DNS rather than true x.500 hierarchy. You need to use "normal" x.500 naming for your LDAP lookups where the top level is "O" instead of "DC".
0
 

Accepted Solution

by:
N3tb0ss earned 125 total points
ID: 18009314
Here is a link to the Novell Developer site and some sample code for verifying user/password against NDS.
It requires the Novell ActiveX Controls to create the NWDir and NWSess objects.

http://developer.novell.com/wiki/index.php/TID102274_%28aspverif%29_Sample_code_demonstrating_how_to_verify_user_agains_NDS_from_IIS-ASP
0
 

Author Comment

by:RX87325
ID: 18009458
I found a software vendor call Stoneware that provides the functionallity I needed.
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There’s a good reason for why it’s called a homepage – it closely resembles that of a physical house and the only real difference is that it’s online. Your website’s homepage is where people come to visit you. It’s the family room of your website wh…
Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question