Windows authentication with password re-validation in asp.net
Posted on 2009-04-28
I have a requirement to develop an asp.net site with windows authentication. So typically for such a site, if the user is logged on his machine, he should be able to access the desired information he has access to.
How ever, the requirement is to have a validation like this:
The user is presented with a form with user id and password box with user id disabled and pre filled with his/her windows account id. The user must re-enter his windows password to gain access to his site. Once the user id and password are validated against the AD then the user ID must be passed to SQL data base to check whether he is a valid user with the application. (List of valid user will be maintained in a SQL table with their windows ID and respective roles.). If validated against the SQL DB, the role information must be brought to client.
can someboby help me out of this?