Pass-Through Authentication from Active Directory to ASP.Net
Posted on 2010-08-17
I have an ASP.Net application using forms authentication against an SQL database which also provides roles and other privileges based upon the user ID. We want to integrate the application with Active Directory to provide a single login to the user. Then when the user attempts to access the ASP.Net application the user identity will be obtained from the network login, the SQL database queried to set roles (if they have an account with roles defined…otherwise redirect to page instructing them to request an account), set their session variables, and redirect them to the appropriate page. Seems simple enough.
Here’s what I could use some assistance with:
1. What security settings are required for IIS 6.0 to work with ASP.Net and this authentication method? Remove “Anonymous Access” and use “Integrated Windows Authentication”?
2. Is the authentication method in web.config now “Windows” rather than “Forms Authentication”? If I’m getting the user identity from the network login all I need to do is get their roles from the database and set their session...as long as the session has not expired the user can access what their roles allow in the application.
3. How can I best simulate a domain/AD environment on an XP development laptop? Or do I just use Windows authentication in XP as a “network like” login…in other words a different authentication approach in development versus production. I do have remote access to a development system that is identical to production but only test what has been developed on the XP laptop.
My experience is data management and web applications and I have very little experience or knowledge with server configurations or Active Directory. Any input, code examples, links, would be appreciated. Thanks!
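
The flow described in the post, as an added example that is not part of the original post. It assumes web.config uses Windows authentication with anonymous users denied; the table `dbo.UserRoles`, its columns, the `AppDb` connection string and `RequestAccount.aspx` are hypothetical names.

```csharp
// Global.asax.cs: added illustration, not code from the post.
// Hypothetical names: dbo.UserRoles, LoginName, RoleName, "AppDb", RequestAccount.aspx.
// Assumes web.config: <authentication mode="Windows" /> and <deny users="?" />.
using System;
using System.Collections.Generic;
using System.Configuration;
using System.Data.SqlClient;
using System.Security.Principal;
using System.Web;

public class Global : HttpApplication
{
    // Runs on every request, after the Windows identity has been established.
    protected void Application_PostAuthenticateRequest(object sender, EventArgs e)
    {
        WindowsIdentity identity = (Context.User == null) ? null : Context.User.Identity as WindowsIdentity;
        if (identity == null || !identity.IsAuthenticated) return;

        // Roles are re-read per request, so a revoked role stops working at once
        // instead of living on in session state.
        string[] roles = LoadRoles(identity.Name); // name has the form DOMAIN\user
        if (roles.Length == 0)
        {
            // No application account: send to the request page, avoiding a redirect loop.
            string page = Request.AppRelativeCurrentExecutionFilePath;
            if (!string.Equals(page, "~/RequestAccount.aspx", StringComparison.OrdinalIgnoreCase))
                Response.Redirect("~/RequestAccount.aspx", true);
            return;
        }
        // Keep the Windows identity and attach the database roles; User.IsInRole
        // and <allow roles="..." /> rules are then evaluated against them.
        Context.User = new GenericPrincipal(identity, roles);
    }

    private static string[] LoadRoles(string login)
    {
        List<string> roles = new List<string>();
        string cs = ConfigurationManager.ConnectionStrings["AppDb"].ConnectionString;
        using (SqlConnection conn = new SqlConnection(cs))
        using (SqlCommand cmd = new SqlCommand(
            "SELECT RoleName FROM dbo.UserRoles WHERE LoginName = @login", conn))
        {
            cmd.Parameters.AddWithValue("@login", login); // parameterized, never concatenated
            conn.Open();
            using (SqlDataReader reader = cmd.ExecuteReader())
                while (reader.Read()) roles.Add(reader.GetString(0));
        }
        return roles.ToArray();
    }
}
```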