awilderbeast
asked on
ASP.net IIS - if intergrated authentication fails, fall back to form based?
hi all,
what i want to be able to do is, 1 group of users has integrated authentication against my internal website, but if someone outside that group wants to connect they would get prompted with a forms based authentication.
EDIT: this is based on active directory authentication
is this possible?
Thanks
what i want to be able to do is, 1 group of users has integrated authentication against my internal website, but if someone outside that group wants to connect they would get prompted with a forms based authentication.
EDIT: this is based on active directory authentication
is this possible?
Thanks
ASKER
can you show me this function in c#?
for example..
if (ADUser.groups != "GROUPNAME")
{
redirect loginform.aspx
}
intergrated Authentication;
for example..
if (ADUser.groups != "GROUPNAME")
{
redirect loginform.aspx
}
intergrated Authentication;
Courtesy of http://www.developerfusion.com/tools/convert/vb-to-csharp/
public ArrayList GetADGroups()
{
//##########
//### Returns an array of Active Directory groups the current user belongs to
ArrayList aryGroups = new ArrayList();
foreach (System.Security.Principal .IdentityR eference irefGroup in System.Web.HttpContext.Cur rent.Reque st.LogonUs erIdentity .Groups) {
aryGroups.Add(irefGroup.Tr anslate(ty peof(Syste m.Security .Principal .NTAccount )).ToStrin g().ToLowe r());
}
return aryGroups;
}
public ArrayList GetADGroups()
{
//##########
//### Returns an array of Active Directory groups the current user belongs to
ArrayList aryGroups = new ArrayList();
foreach (System.Security.Principal
aryGroups.Add(irefGroup.Tr
}
return aryGroups;
}
ASKER
ok so i can do an if statement to check for ad groups then if a user is not in ad and i redirect to the login form how will the web config know to take the form credentials and not the integrated credentials it would take for the ad group?
Thanks
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thanks
Here's one way to do this:
Public Function GetADGroups() As ArrayList
'##########
'### Returns an array of Active Directory groups the current user belongs to
Dim aryGroups As New ArrayList()
For Each irefGroup As System.Security.Principal.
aryGroups.Add(irefGroup.Tr
Next
Return aryGroups
End Function
You could modify my code to check for a particular group and do something based on whether or not it exists in the list. I do things a little differently, but this should accomplish what you want.