Solved

LDAP, Domino and asp.net combination. beginner

Posted on 2008-06-10
5
1,025 Views
Last Modified: 2013-12-18
I would like to use Domino LDAP on server A  to authenticate users of a website on server B.
We have no LDAP yet running.  Admins don't want to install it because  If they enable LDAP they say all addressbooks will be available, not just one.
I thought it would be possible to enable LDAP for lookups in only those addressbooks which you make available for LDAP, but how ?

Small side question is that if i have LDAP enabled on server A and use ldap authentication on 3 websites, can a user then login in all 3 websites ?  How to restrain access to only one ?
0
Comment
Question by:RonaldZaal
  • 3
  • 2
5 Comments
 
LVL 20

Expert Comment

by:brwwiggins
ID: 21753394
have the admins check into Directory assistance. With that you can specify what directories are available via LDAP

However you might have a difficult time sharing the login between 3 apps. Depending on how you authenticate, the LDAP routine will not generate a .NET authentication token to be shared across the sites. IT usually just returns either authenticated or not authenticated. You will have to figure out how to handle this on your own.

A cheap and dirty way that I've seen around this is to mix the built-in .net membership and role providers with the LDAP authentication. Once the user is authenticated via LDAP you manually authenticate in the code-behind to a asp.net username with the same name and some pre-determined password. It's kind of ugly and not the most secure but it was quick and dirty
0
 
LVL 20

Expert Comment

by:brwwiggins
ID: 21754256
also, if you want more reading you can take a look here
http://www.novell.com/coolsolutions/appnote/14730.html
0
 
LVL 5

Author Comment

by:RonaldZaal
ID: 21762072
great aticle, thanks.
The admins have directory assistance allready setup with 5 addressbooks in it so their argument is now that if I use LDAP for authenticating a userX  in a website A he can be in any addressbook, this is ok.
But when i use LDAP for authenticating a user in website B, user X can still access it.
So, is there a way to restrain access to a website while still using LDAP with DA behind it which holds already 5 nabs ?
0
 
LVL 20

Accepted Solution

by:
brwwiggins earned 500 total points
ID: 21778903
There are several ways you could do this. One way would be to have a group in LDAP containing the authenticated users. Then on page_load of the main page have a routine to check if they are a member of the group and then set a session variable that you could use on other pages.

Other method is what I was hinting at before was use LDAP for password authentication but then try to tie it in with the built-in forms authentication of ASP.NET which has routines to restrict access by roles and so forth.
0
 
LVL 5

Author Comment

by:RonaldZaal
ID: 21791646
Many thanks, i think i understand what you mean and have enough info to instruct the admins.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

ASP.Net to Oracle Connectivity Recently I had to develop an ASP.NET application connecting to an Oracle database.As I am doing it first time ,I had to solve several problems. This article will help to such developers  to develop an ASP.NET client…
  In today’s Arena we can’t imagine our lives without Internet as we are highly used to of it. If we consider our life style just for only 2 min we found that face to face communication is swapped by e-communication.  Every Where from Works place to…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now