I have a bit of a hybrid situation on my hands. I'm writing an intranet asp.net web app. I don't want to use full blown Windows Authentication, because I don't have proper groups set up in Active Directory to be able to authenticate users simply based on what group they are in. Up until now, I had created a membership database, and was manually authenticating users based on their NT Login. The app is getting more complex, and I'm looking at using the Membership and Roles providers to authenticate users. Here's my issue: I want to be able to authenticate users just based on their NT, but I don't want to use Windows Authentication. I want to write my own provider to plug into the membership and roles providers, and use Forms authentication, but make it transparent. Based on a Users table, I want to be able to authenticate the user or redirect them based on their NT alone. Is this possible, or am I stuck writing my own small framework to accomplish this? I would like to take advantage of the provider framework if at all possible.
可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
回答1:
Set your web.config to use Forms Authentication.
Make sure Integrated Authentication is turned on in IIS (you may need to disable anonymous as well). This will allow you to get the user's NT name.
You can get the user's NT name with:
Request.ServerVariables["LOGON_USER"]
You can log the user in, no password needed, with:
FormsAuthentication.RedirectFromLoginPage( userName, false );