Hi all, I am writing a web application which will operate in a domain environment. I would like to secure the application using Windows Authentication.
There are two aims for the security within the project: 1) The intention is to check whether the user has a specific custom role "MYADMIN" or "MYUSER" (The MYADMIN users have more functionality than the MYUSER users). If the user does not have either of these roles, they are should be sent to a login screen where they can enter their domain user account details. 2) If the current user has the role "MYUSER", but we want a different user to log on (from the same instance of the browser - i.e. logging out the current user) we need to display a login screen and then check the credentials and perhaps impersonate that user. Therefore the question is, can I take a users details through the user of a form and check the details against the domain. I found that if I inserted a section in the web config file stating deny all user other than the roles specified - then a "Enter Network Password" dialog would appear asking the user to enter the credentials. Is it possible to put this dialog into a form (for presentation purposes). It is also possible to tell the browser (and therefore IIS) that the current user has changed and show the dialog box (or better still a login page with form? Sorry if this has confused anyone, but its not too easy to explain! I look forward to recieving any information that anyone can offer Thanks in advance Rob You can read messages from the DOTNET archive, unsubscribe from DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com.
