The best way to implement Custom Authentication...? RRS feed

  • Question

  • Hi Everyone.

    Im working in an Enterprise Application in .NET 2.0, and try to find out the best way to implement Custom Authentication, I want to store more information about the user in the IPrincipal.
    So I think I need to create some king of Custom IPrincipal...
    Someone can help me with some guidelines or examples, about how to implement this, any king of information or books...

    Thanks, I really appreciate your help.

    Tuesday, March 10, 2009 9:00 PM

All replies

  • Hello!

    Requirements on your appplication, please:

    1) deployment area: LAN or internet;

    2) security requirements, if any: is it enough to use login & password, sent as plain text over a network, or not; may be more complex approaches required, such as Kerberos, X509 certificates;

    3) infrastructure: do you already have user list repository, such as Active Directory, your custom database etc., or not;

    4) usability requirements: do you need single sign on with other applications, such as windows domain account authentication, LiveID, OpenID etc.;

    5) are your customers already use some kind of authentication within another applications? Are they satisfied about existing mechanism, or not?


    After you answer these questions, sure you would be on right way to resolve your task. And sure, your will get more useful and detailed answers here.

    Saturday, March 14, 2009 10:37 AM
  • There are a number classes built into the framework.  These implement the IIDentity & IPrincipal interfaces.

    These are WindowsIdentity, FormIdentity and PassportIdentity.  These can be extended and the last two are for web based authentication.

    If  these don't suffice IGenericPrincipal an IGenericIdentity provide a flexible means to implement custom authentication.

    Hope this helps.

    Pl mark as answer or helpful if you found this useful
    Wednesday, March 18, 2009 12:42 PM
  • Is your application going to be used in a domain environment?  I would assume so since it was indicated as an Enterprise Application.
    If you are in a domain environment are you wanting to stay away from an AD/LDAP type of solution?

    Wednesday, March 18, 2009 2:03 PM