How to integrate custom security policy with Windows domain authentication in ASP. NET

Source: Internet
Author: User
ArticleDirectory
    • Configure IIS 6.0 to support our custom windows domain authentication.
    • Write following codes.
    • Configure web. config.

 

Generally, the ASP. net built in Windows domain authentication is not sufficient. for example, we often need to use Windows domain authentication with database information. here is my example which shows how to do this in ASP. net.

Configure IIS 6.0 to support our custom windows domain authentication.
    1. Open IIS and right click our website.
    2. Click "properties" menu to open "properties" window.
    3. Select "Directory Security" tab.
    4. Click "Edit..." button to open "authentication methods" window.
    5. Clear "enable Anonymous access ".
    6. Check "Integrated Windows Authentication" box.
    7. Click "OK" button to close all opened windows.
Write following codes.

 

C # code
Public   Class Myauthenticationmodule: ihttpmodule
{
Public   Void Dispose (){}

Public void Init (httpapplication context)
{< br> context. authenticaterequest += DeleGate
{< br> iidentity = httpcontext. current. user. identity;

If(Identity= Null | !Identity. isauthenticated)
Return;

StringUsername=GetUserName (identity. Name );

If ( ! isvaliduser (username)
{< br> httpcontext. current. user = null ;
return ;
}

ienumerable myrole > roles = getroles (username);
myidentity = New myidentity (username, roles );
myprincipal = New myprincipal (myidentity );

Httpcontext. Current. User=Myprincipal;
};
}

Private   Static   String GetUserName ( String Fullname)
{
Int Separatorindex = Fullname. indexof ( ' \\ ' );
Return Fullname. substring (separatorindex +   1 );
}

Private Static BoolIsvaliduser (StringUsername)
{
//Replace following code with validation from database
Return False;
}

Private   Static Ienumerable < Myrole > Getroles ( String Username)
{
// Replace here with your custom code. For example, get from database etc.
Return   Null ;
}
}

[Serializable]
Public ClassMyidentity: iidentity
{
Private ReadonlyList<Myrole>Roles= NewList<Myrole>();

Public Myidentity ( String Name, ienumerable < Myrole > Roles)
{
If ( String . Isnullorempty (name )) Throw   New Argumentnullexception ( " Name " );

This . name = name;
If (roles ! = null )
This . roles. addrange (roles);
}

Public string authenticationtype
{< br> Get { return " my authentication type " ;}
}

Public bool isauthenticated
{< br> Get { return true ;}
}

Public string name { Get ; private set ;}

PublicIlist<Myrole>Roles
{
Get{Return This. Roles ;}
}

//Add your custom code here
}

[serializable]
Public class myprincipal: iprincipal
{< br> private readonly myidentity identity;

Public myprincipal (myidentity identity)
{< br> If (identity = null ) throw New argumentnullexception ( " identity " );

This. Identity=Identity;
}

PublicIidentity identity
{
Get{Return This. Identity ;}
}

Public bool isinrole ( string role)
{< br> If ( string . isnullorempty (role) throw New argumentnullexception ( " role " );

return This . identity. roles. count (myrole => string . compare (myrole. name, role, tru E ) = 0 ) ! = 0 ;< BR >}

//Add your custom code here
}

[Serializable]
Public   Class Myrole
{
Public Myrole ( String Name)
{
If ( String . Isnullorempty (name )) Throw   New Argumentnullexception ( " Name " );

This. Name=Name;
}

Public StringName {Get;Private Set;}

//Add your custom code here
}

 

Configure web. config.

 

Web. config
<Httpmodules>
<AddName= "Myauthenticationmodule"Type= "Myauthenticationmodule"/>
</Httpmodules>

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.