SA Developer .NET

I don't really know where else to start looking at this, except here. I need to implement a simple combination of Windows authentication, with custom authorization. I'm supposed to get an employee number from the user's domain login, and then look up authorization for various forms in a custom table. This is all very small scale, so I don't yet want to complicate things by implementing a provider etc. I would just like some guidance on where to start. How do I initialise and use the session in this case?

---

Unscrambling Eggs: Decompiling ASP.NET

You can use windows authentication managed through IIS and forms authentication for asp.net. You can specify users in a list in your web.config file or authenticate them using your database.

Take a look here - http://msdn.microsoft.com/en-us/library/aa480476.aspx

You will not have to use a provider or a custom provider for this.

 

 

---

SA Developer .Net Online Community Support
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question.

Hi ProfK,

don't know if I understood you properly, but would .htaccess help?

 

---

I'm going to regret forging this...

fridgi:

You can use windows authentication managed through IIS and forms authentication for asp.net. You can specify users in a list in your web.config file or authenticate them using your database.

Take a look here - http://msdn.microsoft.com/en-us/library/aa480476.aspx

You will not have to use a provider or a custom provider for this.

 

Aye, there's the rub; I don't want to have to specify each user, only privilidged ones.  Other users must only be authenticated on the domain, and have an employee number.  Having said that, I haven't yet read the link, which may help, thanks.

---

Unscrambling Eggs: Decompiling ASP.NET

ProfK:

I don't really know where else to start looking at this, except here. I need to implement a simple combination of Windows authentication, with custom authorization. I'm supposed to get an employee number from the user's domain login, and then look up authorization for various forms in a custom table. This is all very small scale, so I don't yet want to complicate things by implementing a provider etc. I would just like some guidance on where to start. How do I initialise and use the session in this case?

 ProfK, I have a very similar situation in the project I'm currently busy with. We take the user's domain login, and check it against a table with roles in it. Based on the role they get a specific menu of items.

I would suggest you could go the same route, but go one step further in that if the user does not have an entry in the table, then provide a default. Would that solve your problem?