问题
I have requirement to build windows authentication for our web applications. We plan to created local work groups (on Windows 2008 Server) to manage users instead of Active Directory. Our reason, it takes months to create groups and move users via AD (and our client would prefer we go this route). Is it possible to setup windows authentication for an asp.net application and validate the user credentials against the local workgroups? Keep in mind we would try to match their login names to our local workgroups.
回答1:
You can use AspNetWindowsTokenRoleProvider. This makes ASP.net use the Windows Local groups.
In your web config do something like this.
<authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
--> <authentication mode="Windows"/>
<identity impersonate="false"/>
<authorization>
</authorization>
<roleManager enabled="true"
defaultProvider="AspNetWindowsTokenRoleProvider"/>
then in your aspx you can check if user exists in role. I placed this in my master page.
If Not Roles.IsUserInRole(Context.Current.User.identity.name, "Managers") Then
'label1.Text = "You are not authorized to view user roles."
Response.Redirect(Request.ApplicationPath & "\logout.html")
end if
You can read more from this Link from Microsoft http://msdn.microsoft.com/en-us/library/ff647401.aspx under Using WindowsTokenRoleProvider
来源:https://stackoverflow.com/questions/24566204/setup-windows-authentication-for-asp-net-using-local-workgroups