Restrict users - windows authentication

Question

User140884498 posted

Hi,

I have a website which uses Windows Authentication. I need to restrict access to only a few users, who are present in a local database. How can I achieve it? For example, my database has "domain\user1", only user1 should be allowed. "domain\user2", "domain\user3" .....  should not be allowed.

Thanks in advance

Answer 1

User-821857111 posted

Probably the most straightforward way is to create a role on the server and then add your selected users to it, and then check to see if the current user belongs to your special role:

if(!User.IsInRole(@"DOMAIN\IntranetUsers"))
{
    //boot them out
}

Answer 2

User140884498 posted

Thanks Mike, but the requirement is that the list of authorized users ("domainname\username") will be in a database. We'll have to allow only these users. We cannot create roles as we do not have access.

Answer 3

User-821857111 posted

I would query the database for the list of approved users at application startup and cache the resulting data (as a list, Datatable, whatever) and then query that to see if the current user is in the list. If they are not on the list,.... you know the rest.