Hi, I want to authenticate users from another (trusted) forest in my Asp.Net application. So far, i've got this in my web.config:
<?xml version="1.0"?>
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<compilation debug="true" />
<authentication mode="Windows" />
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</configuration>
My application is running on a server in domain A, in forest A. I want to restrict access to my application to a group in domain A. This group will be a 'domain local group'. This group will contain users from domain B in forest B. Forest B is trusted by forest A.
Having said all that, if there's a better way, let me know.
Thanks in advance
-update-
I've just tested it with users, and the User.Identity.Name does seem to be correct. Also, User.IsInRole seems to be giving me the expected results when checking if the user in the other forest is in my forest's domain local group. Still just need some luck getting the 'allow' and 'deny' thing to work in the web.config.