Hi All,

I'm creating a WPF application, for which all users must be authenticated to an Active Directory.

- Client-side, I'm using Client Application Services.
- Server-side, I have an ASP.NET web application with an AspNetActiveDirectoryMembershipProvider.

All is working as expected.

There's one catch, however. Some of the WPF application users log in with their Windows in to the domain, others don't.

So for the users who are logged in to the domain (group A), I do not want to ask for their username/password at application startup. The other users (group B) of course have to supply their Active Directory username/password at application startup. This group B just performs Membership.ValidateUser(userName, password), ending up in the AspNetActiveDirectoryMembershipProvider, and is authenticated.

However, how can I check for group A that they have been successfully authenticated to the AspNetActiveDirectoryMembershipProvider, without having to ask for their username/password?

Thanks, Koen

A: 

Application services uses an HTTP transport. There is no concept of tokens (the thing you get when you log in to your machine/domain), so unless you wish to completely rewrite an application services implementation (not.. not... not recommended) there is no way around logging in regardless of current authentication.

But this leads me to the question: If they are logged in to the domain, why are you using application services?

In your app, you could first check to see if the current identity belongs to the domain in question and if it is authenticated. If so proceed with the application. If not, fall back on Application services.

This type of hybrid is not terribly complicated but it will require a bit of planning and code on your part.

Sky Sanders
My solution is indeed first checking if it belongs to the domain, if not falling back on Application Services. However, ideally, I would have loved to keep all authentication / authorization logic behind the interface of the Application Services. If I want to switch from Windows-based authentication to for instance database-based authentication, I have to modify both client and server. Thanks for your feedback, Koen
KoenJ
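
The hybrid check described in the answer above, sketched in C# as an added example that is not part of the original thread. `ExpectedDomain`, `StartupAuthentication` and the `promptForCredentials` callback are hypothetical names; the domain value is a placeholder.

```csharp
using System;
using System.DirectoryServices.ActiveDirectory; // reference System.DirectoryServices.dll
using System.Security.Principal;
using System.Web.Security;                      // Membership, routed through Client Application Services

static class StartupAuthentication
{
    // Assumption: DNS name of the AD domain the server-side membership provider is bound to.
    const string ExpectedDomain = "corp.example.com";

    // True when the Windows logon session belongs to an account in ExpectedDomain (group A).
    public static bool IsLoggedOnToExpectedDomain()
    {
        using (WindowsIdentity identity = WindowsIdentity.GetCurrent())
        {
            // IsAuthenticated is also true for local machine accounts, so it is not enough alone.
            if (!identity.IsAuthenticated || identity.IsGuest ||
                identity.IsAnonymous || identity.IsSystem)
                return false;
        }
        try
        {
            // Throws when the current security context is not associated with an AD domain,
            // which is the case for a local (non-domain) logon.
            using (Domain domain = Domain.GetCurrentDomain())
                return string.Equals(domain.Name, ExpectedDomain,
                                     StringComparison.OrdinalIgnoreCase);
        }
        catch (ActiveDirectoryOperationException) { return false; }
        catch (ActiveDirectoryObjectNotFoundException) { return false; }
    }

    // promptForCredentials (hypothetical) shows the login dialog and returns
    // (userName, password), or null when the user cancels.
    public static bool Authenticate(Func<Tuple<string, string>> promptForCredentials)
    {
        // Group A: already logged on to the domain, so skip the prompt.
        // This only decides whether to prompt; it gives the server no proof of identity.
        if (IsLoggedOnToExpectedDomain())
            return true;

        // Group B: fall back on Application Services, which ends up in the
        // AspNetActiveDirectoryMembershipProvider on the server.
        Tuple<string, string> credentials = promptForCredentials();
        return credentials != null &&
               Membership.ValidateUser(credentials.Item1, credentials.Item2);
    }
}
```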