How to integrate custom security policy with Windows domain authentication in ASP. NET

ArticleDirectory

• Configure IIS 6.0 to support our custom windows domain authentication.
• Write following codes.
• Configure web. config.

 

Generally, the ASP. net built in Windows domain authentication is not sufficient. for example, we often need to use Windows domain authentication with database information. here is my example which shows how to do this in ASP. net.

Configure IIS 6.0 to support our custom windows domain authentication.

1. Open IIS and right click our website.
2. Click "properties" menu to open "properties" window.
3. Select "Directory Security" tab.
4. Click "Edit..." button to open "authentication methods" window.
5. Clear "enable Anonymous access ".
6. Check "Integrated Windows Authentication" box.
7. Click "OK" button to close all opened windows.

Write following codes.

 

C # code
Public   Class Myauthenticationmodule: ihttpmodule
{
Public   Void Dispose (){}

Public void Init (httpapplication context)
{< br> context. authenticaterequest += DeleGate
{< br> iidentity = httpcontext. current. user. identity;

If(Identity= Null | !Identity. isauthenticated)
Return;

StringUsername=GetUserName (identity. Name );

If ( ! isvaliduser (username)
{< br> httpcontext. current. user = null ;
return ;
}

ienumerable myrole > roles = getroles (username);
myidentity = New myidentity (username, roles );
myprincipal = New myprincipal (myidentity );

Httpcontext. Current. User=Myprincipal;
};
}

Private   Static   String GetUserName ( String Fullname)
{
Int Separatorindex = Fullname. indexof ( ' \\ ' );
Return Fullname. substring (separatorindex +   1 );
}

Private Static BoolIsvaliduser (StringUsername)
{
//Replace following code with validation from database
Return False;
}

Private   Static Ienumerable < Myrole > Getroles ( String Username)
{
// Replace here with your custom code. For example, get from database etc.
Return   Null ;
}
}

[Serializable]
Public ClassMyidentity: iidentity
{
Private ReadonlyList<Myrole>Roles= NewList<Myrole>();

Public Myidentity ( String Name, ienumerable < Myrole > Roles)
{
If ( String . Isnullorempty (name )) Throw   New Argumentnullexception ( " Name " );

This . name = name;
If (roles ! = null )
This . roles. addrange (roles);
}

Public string authenticationtype
{< br> Get { return " my authentication type " ;}
}

Public bool isauthenticated
{< br> Get { return true ;}
}

Public string name { Get ; private set ;}

PublicIlist<Myrole>Roles
{
Get{Return This. Roles ;}
}

//Add your custom code here
}

[serializable]
Public class myprincipal: iprincipal
{< br> private readonly myidentity identity;

Public myprincipal (myidentity identity)
{< br> If (identity = null ) throw New argumentnullexception ( " identity " );

This. Identity=Identity;
}

PublicIidentity identity
{
Get{Return This. Identity ;}
}

Public bool isinrole ( string role)
{< br> If ( string . isnullorempty (role) throw New argumentnullexception ( " role " );

return This . identity. roles. count (myrole => string . compare (myrole. name, role, tru E ) = 0 ) ! = 0 ;< BR >}

//Add your custom code here
}

[Serializable]
Public   Class Myrole
{
Public Myrole ( String Name)
{
If ( String . Isnullorempty (name )) Throw   New Argumentnullexception ( " Name " );

This. Name=Name;
}

Public StringName {Get;Private Set;}

//Add your custom code here
}

 

Configure web. config.

 

Web. config
<Httpmodules>
<AddName= "Myauthenticationmodule"Type= "Myauthenticationmodule"/>
</Httpmodules>