user management with active directory login ?

Question

0.00/5 (No votes)

See more:

, +

HI,

i have developed a web application which client wants to run on intranet only. these website will not have public access. now what they want is complete application should be manage by active directory use / grouping. permission on application should be also manage by network login and groups only.

so i.e. if we have one form for add job. now he wants that if usergroup of dataentry department should only allow to access job form.

same thing for database tables. permission on database should also be dynamic. may i need to create dynamic connection string.

help me on this please ??

i dont have idea how to start even ???

Posted 5-Feb-14 0:06am

ravikhoda

Add a Solution

Comments

Dinesh.V.Kumar 5-Feb-14 6:23am

Please check the folllowing links...You might be able to get some idea..
http://www.codeproject.com/Articles/265870/Bypass-Forms-Authentication-to-Use-Active-Director
http://www.codeproject.com/Articles/15877/ADAM-and-LDAP-Client-Net-LDAP-Access-Control-for-A
Hope this helps!!!

Regards,
Dinesh Kumar.V.

ravikhoda 5-Feb-14 6:27am

can we apply database permissions using same things ?

Dinesh.V.Kumar 5-Feb-14 6:33am

If you want to restrict the user to read/write/delete/modify in all the tables in your db then you can do it using code. Can you please elaborate on this part?

Regards

ravikhoda 5-Feb-14 6:47am

ok let me explain what my client wants :
he already run some small access application using active directory ..but now he converted his site to asp.net.
next he wants that some pages will be access by only some users that is based on the active directory.

like job form for group a only and invoice form for group b. from your link i can see that at some level we can do some authentication on screen level...but again on database part i have a problem.

like invoice can be access by both finance and account group. but they both should be able to access based on some type of invoice only. this type is currently define in the database. how can i manage and check such things with active directory.

Dinesh.V.Kumar 5-Feb-14 6:56am

Hi Ravi,

Currently I dont have a solution for this...Give me some time...I will try to figure out on how it can be implemented and will let you know.

Regards

ravikhoda 5-Feb-14 7:00am

thanks for your help.

Dinesh.V.Kumar 6-Feb-14 0:10am

Try having a User Mapping Table...Map the user with the entities he/she can use in the User mapping table. Allow the user to access those entities in for which the user has permissions....

Am not sure if this will be apt...but to my knowledge this is one solution you can try...let me know if this doesnt work for you...I shall see what we can do for this..

Regards

ravikhoda 6-Feb-14 0:24am

sure i will check it. as this is something new for me so it may take some time but i will check it and update you. thanks for your help.

Dinesh.V.Kumar 6-Feb-14 0:27am

you are always welcome!!Have a nice day!!

Dinesh.V.Kumar 6-Feb-14 8:25am

Hope all is well thr...!!How is it going?

Regards

Dinesh.V.Kumar 7-Feb-14 7:03am

Any updates?

ravikhoda 7-Feb-14 7:20am

well i tried at some level but same time also busy with some other projects as well so it is not complete yet. however your links are helpful to me.

Dinesh.V.Kumar 7-Feb-14 7:22am

Just let me know if you are facing any issues.. we shall sort it out...

Regards,

Dinesh.V.Kumar 12-Feb-14 1:12am

hi..i just wanted to know if all is well with u about the issue u were facing//

Regards

Dinesh.V.Kumar 13-Feb-14 8:58am

Any updates?

Regards,

ravikhoda 2-Apr-14 8:19am

Hi ,
small query on the same question. we have setup window authentication on IIS and when we open site from localhost it works fine but when we open it by ip address it shows login popup i think this should not appear if we are using window authentication. am i missing any setting on IIS ?

Dinesh.V.Kumar 2-Apr-14 10:42am

Did u check the settings in web.config???if you have provided all the details required for windows authentication???
Please verify the below site...
http://www.codeproject.com/Articles/94612/Windows-Authentication

Hope this helps

Regards
Dinesh Kumar.V.

ravikhoda 2-Apr-14 23:59pm

thanks for your help. yeah it helps me. what was missing that it was some issues on validation of URL may be. when we use window authentication it do not allow special chars like . etc and that's why it won't work by ip address. i added my site to trusted zone and now it is working. also i was missing one setting when i don't want the login prompt on start up that i set identity impersonation = true but did not give credential for that. once i give user name and password it solve my issue. thanks for your help.

Dinesh.V.Kumar 3-Apr-14 7:42am

Am glad that what ever solution I have provided for you has worked...I was not exactly sure on the windows authentication part..but then the link has helped you and also has helped me through you...I will also keep the points you have mentioned above in my mind and will use it when required..

Thanks and Regards,
Dinesh Kumar.V.

ravikhoda 3-Apr-14 7:53am

great. if you have posted this as a solution i can accept that and up vote your answer. this will increase your reputation as well. hahahah anyways thanks for your help. and yeah this was also first project for me on window authentication.

Dinesh.V.Kumar 3-Apr-14 8:40am

I can still do it...if you will upvote for me...I will summarize all the steps in to one solution...

:D

Regards,
Dinesh Kumar.V.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Dinesh.V.Kumar · Answer 1 · 2014-04-05T02:45:00

I have summarized the solution below for your reference..But incase you refer this page again for some reason be sure to go through the comments we have discussed so that you get a clear picture of why each point here has been discussed..


If you want to restrict the user to read/write/delete/modify in all the tables in your db then you can do it using code.

Create a User Mapping Table...Map the user with the entities he/she can use in the User mapping table. Allow the user to access those entities in for which the user has permissions....

Please check the folllowing links...You might be able to get some idea..
http://www.codeproject.com/Articles/265870/Bypass-Forms-Authentication-to-Use-Active-Director
http://www.codeproject.com/Articles/15877/ADAM-and-LDAP-Client-Net-LDAP-Access-Control-for-A

For Windows Authentication issue 
Please verify the below site...
http://www.codeproject.com/Articles/94612/Windows-Authentication

Regards,
Dinesh Kumar.V.