|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Windows Authentication in VB.Net ApplicationI have an application that requires a user name and password so no one
sits down at anyone else's desk and runs the application as that user. I don't want to create a database to store user names and passwords. All I want to do is prompt the user for their Windows user name and password and verify it against the domain and not their local system. This is so users can run the application on other user's systems without having to log in to that system. This is necessary so that managers and supervisors can access the application at any workstation. I haven't found any nice code examples demostrating an effective way to check user credentials in a windows forms application. Does anyone have any thoughts, suggestions? Thanks. You can basically either use the LogonUser API (which has a wrapper
documented in the code sample for the WindowsImpersonationContext class) or you can use SSPI directly, which is normally done using the NegotiateStream class. In order to provide the UI, you should probably use CredUIPromptForCredentials. Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- "Rocky Neurock" <jneur***@gmail.com> wrote in message news:1156945423.034903.260650@i42g2000cwa.googlegroups.com... >I have an application that requires a user name and password so no one > sits down at anyone else's desk and runs the application as that user. > I don't want to create a database to store user names and passwords. > All I want to do is prompt the user for their Windows user name and > password and verify it against the domain and not their local system. > This is so users can run the application on other user's systems > without having to log in to that system. This is necessary so that > managers and supervisors can access the application at any workstation. > > I haven't found any nice code examples demostrating an effective way to > check user credentials in a windows forms application. Does anyone > have any thoughts, suggestions? Thanks. > I looked into the example for the WindowsImpersonationContext class and
it said that it would only work with XP and we use 2K. I tried it anyway and I could not get it to work. I also looked for NegotiateStream and that said it was part of the 2.0 framework and we are working with the 1.1 framework. Any other ideas? Joe Kaplan wrote: Show quoteHide quote > You can basically either use the LogonUser API (which has a wrapper > documented in the code sample for the WindowsImpersonationContext class) or > you can use SSPI directly, which is normally done using the NegotiateStream > class. > > In order to provide the UI, you should probably use > CredUIPromptForCredentials. > > Joe K. > > -- > Joe Kaplan-MS MVP Directory Services Programming > Co-author of "The .NET Developer's Guide to Directory Services Programming" > http://www.directoryprogramming.net > -- > "Rocky Neurock" <jneur***@gmail.com> wrote in message > news:1156945423.034903.260650@i42g2000cwa.googlegroups.com... > >I have an application that requires a user name and password so no one > > sits down at anyone else's desk and runs the application as that user. > > I don't want to create a database to store user names and passwords. > > All I want to do is prompt the user for their Windows user name and > > password and verify it against the domain and not their local system. > > This is so users can run the application on other user's systems > > without having to log in to that system. This is necessary so that > > managers and supervisors can access the application at any workstation. > > > > I haven't found any nice code examples demostrating an effective way to > > check user credentials in a windows forms application. Does anyone > > have any thoughts, suggestions? Thanks. > > On w2k you need very high privileges to call LogonUser - i found Keith's
old SSPI Verififer that works on w2k as a normal user. http://www.develop.com/technology/resourcedetail.aspx?id=ee929f0b-1f9d-4a2a-92a1-911706bd7b52 --- Dominick Baier, DevelopMentor http://www.leastprivilege.com Show quoteHide quote > I looked into the example for the WindowsImpersonationContext class > and it said that it would only work with XP and we use 2K. I tried it > anyway and I could not get it to work. I also looked for > NegotiateStream and that said it was part of the 2.0 framework and we > are working with the 1.1 framework. Any other ideas? > > Joe Kaplan wrote: > >> You can basically either use the LogonUser API (which has a wrapper >> documented in the code sample for the WindowsImpersonationContext >> class) or you can use SSPI directly, which is normally done using the >> NegotiateStream class. >> >> In order to provide the UI, you should probably use >> CredUIPromptForCredentials. >> >> Joe K. >> >> -- >> Joe Kaplan-MS MVP Directory Services Programming >> Co-author of "The .NET Developer's Guide to Directory Services >> Programming" >> http://www.directoryprogramming.net >> -- >> "Rocky Neurock" <jneur***@gmail.com> wrote in message >> news:1156945423.034903.260650@i42g2000cwa.googlegroups.com... >>> I have an application that requires a user name and password so no >>> one sits down at anyone else's desk and runs the application as that >>> user. I don't want to create a database to store user names and >>> passwords. All I want to do is prompt the user for their Windows >>> user name and password and verify it against the domain and not >>> their local system. This is so users can run the application on >>> other user's systems without having to log in to that system. This >>> is necessary so that managers and supervisors can access the >>> application at any workstation. >>> >>> I haven't found any nice code examples demostrating an effective way >>> to check user credentials in a windows forms application. Does >>> anyone have any thoughts, suggestions? Thanks. >>> Thanks Dominick, that solved my problem. I hope everyone else with the
same problem checks this post. Dominick Baier wrote: Show quoteHide quote > On w2k you need very high privileges to call LogonUser - i found Keith's > old SSPI Verififer that works on w2k as a normal user. > > http://www.develop.com/technology/resourcedetail.aspx?id=ee929f0b-1f9d-4a2a-92a1-911706bd7b52 > > --- > Dominick Baier, DevelopMentor > http://www.leastprivilege.com > > > I looked into the example for the WindowsImpersonationContext class > > and it said that it would only work with XP and we use 2K. I tried it > > anyway and I could not get it to work. I also looked for > > NegotiateStream and that said it was part of the 2.0 framework and we > > are working with the 1.1 framework. Any other ideas? > > > > Joe Kaplan wrote: > > > >> You can basically either use the LogonUser API (which has a wrapper > >> documented in the code sample for the WindowsImpersonationContext > >> class) or you can use SSPI directly, which is normally done using the > >> NegotiateStream class. > >> > >> In order to provide the UI, you should probably use > >> CredUIPromptForCredentials. > >> > >> Joe K. > >> > >> -- > >> Joe Kaplan-MS MVP Directory Services Programming > >> Co-author of "The .NET Developer's Guide to Directory Services > >> Programming" > >> http://www.directoryprogramming.net > >> -- > >> "Rocky Neurock" <jneur***@gmail.com> wrote in message > >> news:1156945423.034903.260650@i42g2000cwa.googlegroups.com... > >>> I have an application that requires a user name and password so no > >>> one sits down at anyone else's desk and runs the application as that > >>> user. I don't want to create a database to store user names and > >>> passwords. All I want to do is prompt the user for their Windows > >>> user name and password and verify it against the domain and not > >>> their local system. This is so users can run the application on > >>> other user's systems without having to log in to that system. This > >>> is necessary so that managers and supervisors can access the > >>> application at any workstation. > >>> > >>> I haven't found any nice code examples demostrating an effective way > >>> to check user credentials in a windows forms application. Does > >>> anyone have any thoughts, suggestions? Thanks. > >>> 
Other interesting topics
PKI confusion...
How to validate client certificate? VS2005 Throws Security Exception when run from Network!? Bad Data. Any idea what this means? Aplying more than 1 attributes ????? How to convert string to SecureString? SignedXml gives false negatives when using namespaces in signed xm recent security patch prevents desktop.ini CLSID folder-app association and custom icon Encrypting connection string in app.config Get role for any given user name ... |
|||||||||||||||||||||||
