Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > .NET > .NET 2.0 and Visual Studio. 2005 > .NET Framework 2.0
Password Reminder
Register
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
.NET Framework 2.0 For discussion of the Microsoft .NET Framework 2.0.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the .NET Framework 2.0 section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Reply
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old March 8th, 2007, 01:36 AM
Authorized User
 
Join Date: Jun 2005
Location: , , Philippines.
Posts: 97
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via Yahoo to aldwinenriquez
Default Integrated Security using Active Directory

I have an application that is using a custom security framework that we built. The framework authentication mechanism is using ActiveDirectory.

Applications will be deployed as Intranet applications only. What I want is to pass the current windows account and the domain name into the security framework and bypass authentication since the user was already authenticated during login.

This create some security holes where the domain name can be spoof in one of the workstation.

Is there a way for me to check if the current machine is a member of a given domain?


Another thing is if the domain is a member of a forest, and the forest contains account names existing in different domain, how does authentication work?



"Dont you ever give up!"
__________________
\"Dont you ever give up!\"
Reply With Quote
  #2 (permalink)  
Old May 4th, 2007, 07:15 AM
Authorized User
 
Join Date: Dec 2004
Location: Swindon, Wilts, United Kingdom.
Posts: 68
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to DZukiewicz
Default

Yep, the current user is in WindowsIdentity.GetCurrentUser(), and you can extract the domain from there.
Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Active Directory TCSE305 Windows Server 1 November 22nd, 2006 01:26 AM
Windows Integrated Security with Java Servlets tbpbanit01 Servlets 0 March 24th, 2004 08:57 AM
Windows Integrated Security Problem lbob Classic ASP Databases 4 August 8th, 2003 07:44 AM
Confused about NT Integrated Security VBAHole22 SQL Server 2000 1 June 16th, 2003 12:20 PM



All times are GMT -4. The time now is 03:56 PM.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.