Menu
Super simple question from an ASP newb: I've got an internal-only ASP.NET website I'm working on that uses Windows integrated auth across the board. There are essentially three roles I want to associate with the site: user, manager, and admin. The site is open to the entire org, so anyone who is authenticated is a user, unless they are a manager or an admin.
The list of admins and managers needs to be in a database, not in the web.config. The role information for this site is not in any way associated with what can be learned from a user's AD profile.
I've been picking up ASP.NET pretty quickly and I'm definitely capable of researching the correct solution, but I was hoping someone could start me down the right road here. What's the best way to get this done? I imagine it involves using a role provider on top of the integrated auth, but before I started researching a million options and possibly picked the wrong one, I thought I'd ask here.
Thanks!
643
I had to do this also and I used the below blog entry from Scott Guthrie to get me going....
http://weblogs.asp.net/scottgu/pages/Recipe_3A00_-Implementing-Role_2D00_Based-Security-with-ASP.NET-2.0-using-Windows-Authentication-and-SQL-Server.aspx
Worked great for me.
I didn't create a new provider or anything. Scott's blog post lays it out nicely. Although it is quite a hack but got me going quickly and did the trick.
With this trick you can use windows auth with DB based roles.
184
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
