Click here to Skip to main content
16,017,207 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more: , +
HI,

i have developed a web application which client wants to run on intranet only. these website will not have public access. now what they want is complete application should be manage by active directory use / grouping. permission on application should be also manage by network login and groups only.

so i.e. if we have one form for add job. now he wants that if usergroup of dataentry department should only allow to access job form.

same thing for database tables. permission on database should also be dynamic. may i need to create dynamic connection string.

help me on this please ??

i dont have idea how to start even ???
Posted
Comments
Dinesh.V.Kumar 5-Feb-14 6:23am    
Please check the folllowing links...You might be able to get some idea..
http://www.codeproject.com/Articles/265870/Bypass-Forms-Authentication-to-Use-Active-Director
http://www.codeproject.com/Articles/15877/ADAM-and-LDAP-Client-Net-LDAP-Access-Control-for-A
Hope this helps!!!

Regards,
Dinesh Kumar.V.
ravikhoda 5-Feb-14 6:27am    
can we apply database permissions using same things ?
Dinesh.V.Kumar 5-Feb-14 6:33am    
If you want to restrict the user to read/write/delete/modify in all the tables in your db then you can do it using code. Can you please elaborate on this part?

Regards
ravikhoda 5-Feb-14 6:47am    
ok let me explain what my client wants :
he already run some small access application using active directory ..but now he converted his site to asp.net.
next he wants that some pages will be access by only some users that is based on the active directory.

like job form for group a only and invoice form for group b. from your link i can see that at some level we can do some authentication on screen level...but again on database part i have a problem.

like invoice can be access by both finance and account group. but they both should be able to access based on some type of invoice only. this type is currently define in the database. how can i manage and check such things with active directory.
Dinesh.V.Kumar 5-Feb-14 6:56am    
Hi Ravi,

Currently I dont have a solution for this...Give me some time...I will try to figure out on how it can be implemented and will let you know.

Regards

1 solution

I have summarized the solution below for your reference..But incase you refer this page again for some reason be sure to go through the comments we have discussed so that you get a clear picture of why each point here has been discussed..


If you want to restrict the user to read/write/delete/modify in all the tables in your db then you can do it using code.

Create a User Mapping Table...Map the user with the entities he/she can use in the User mapping table. Allow the user to access those entities in for which the user has permissions....

Please check the folllowing links...You might be able to get some idea..
http://www.codeproject.com/Articles/265870/Bypass-Forms-Authentication-to-Use-Active-Director
http://www.codeproject.com/Articles/15877/ADAM-and-LDAP-Client-Net-LDAP-Access-Control-for-A

For Windows Authentication issue 
Please verify the below site...
http://www.codeproject.com/Articles/94612/Windows-Authentication

Regards,
Dinesh Kumar.V.
 
Share this answer
 
Comments
Dinesh.V.Kumar 7-Apr-14 3:24am    
Thnx a lot buddy!! :D

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900