Monday, April 14, 2008

WST Apps and Authorisation / Authentication

We had a work problem. It was this:

  • COE (common operating environment) calls for IE to reject scripts.
  • we had a login process which used a Windows Scripting Host object to obtain the users Windows signon
  • ergo, occassionally, Network Ops would refresh the COE and our apps would cease their auto-login.
Here is the resolution:
  • Web.config:
    • authentication mode=”Forms”
    • Identity impersonate=”true”
    • authorization deny="?"
  • You need a login page, so that we can authenticate against the database and retrieve the users’ roles.
  • But, you don’t need the Windows Scripting Host script anymore, since WindowsIdentity.GetCurrent().Name now works with the above combination of web.config attributes
  • This will enable NT authenticated access, single sign-on, for any user without adding them to our server(s)
  • If you also want to enable SQL Server Reporting Services, you must further:

No comments:

Post a Comment