
Asp.Net Role-based authentication using Security groups in Active Directory

I am attempting to do something simple (I thought) - securing my application using roles-based security using Active Directory groups in our Domain.

Specifically, I need to show/hide items on a page depending upon whether the currently logged in user is part of domain\groupA in Active Directory. For some reason, it is difficult finding information on using Active Directory for this. Everything I seem to find goes into details of using forms-based authentication using roles, or it uses a DB to store the information.

All I want to do is use our already outlined security structure in our Active Directory. Can someone please explain what I need?

Do I need:

  1. <roleManager enabled="true"/> in web.config
  2. <allow roles ="domain\groupA"/> in web.config
  3. IIS set to windows authentication
  4. if (User.IsInRole(@"domain\groupA")){ //do stuff } in my page?

What else am I missing? Anything? 'cause it's not working. heh.

Thanks all for your help.

Kolten asked Oct 16 '08 16:10



1 Answer

You probably just need to add a RoleProvider to your web.config to tell the app how to do searches against AD.

Sample code from here.

<roleManager defaultProvider="WindowsProvider" 
  enabled="true"
  cacheRolesInCookie="false">
  <providers>
    <add
      name="WindowsProvider"
      type="System.Web.Security.WindowsTokenRoleProvider" />
  </providers>
</roleManager>
tvanfosson answered Oct 07 '22 16:10
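
A complete web.config that combines the four items from the question with the role provider from the answer, as an added example that is not part of the original post. DOMAIN\groupA stands in for the real group name, and the GroupAOnly folder is a hypothetical path.

```xml
<?xml version="1.0"?>
<configuration>
  <system.web>
    <!-- Use the identity IIS established. Windows Authentication must be
         enabled for the site in IIS (item 3 in the question). -->
    <authentication mode="Windows" />

    <!-- Role provider from the answer: roles are read from the group
         memberships in the user's Windows token. -->
    <roleManager defaultProvider="WindowsProvider"
                 enabled="true"
                 cacheRolesInCookie="false">
      <providers>
        <add name="WindowsProvider"
             type="System.Web.Security.WindowsTokenRoleProvider" />
      </providers>
    </roleManager>

    <!-- Site-wide rule: reject anonymous requests ("?" = unauthenticated). -->
    <authorization>
      <deny users="?" />
    </authorization>
  </system.web>

  <!-- Hypothetical folder restricted to the group. Rules are evaluated
       top-down and the first match wins, so allow must come before deny. -->
  <location path="GroupAOnly">
    <system.web>
      <authorization>
        <allow roles="DOMAIN\groupA" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
```

With this in place, User.IsInRole(@"DOMAIN\groupA") in a page decides only what is rendered; the authorization rules are what block a direct request to a protected resource.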