Using NetSqlAzMan to interface with Active Directory

Topics: NetSqlAzMan Core
Oct 5, 2012 at 1:03 PM
Edited Oct 5, 2012 at 1:04 PM

Hi,

I want to use NetSqlAzMan as an interface with Active Directory. I mean to say my application will not hold any LDAP authentication query and I will create application group with the group type LDAP and pass LDAP query over there in NetSqlAzMan.

Now when user logs in the application, application will connect NetSqlAzMan where the user get authenticated from LDAP. Once the user gets authenticated, application will validate user role by finding the role for user and depends on that will get authorized.(Basically data-based authorization).

As it is a data-based authorization, I guess I have to store the authorized details (like username, officeid, role etc..) in session and pass it to the application to get the data for the office specified if the user is not administrator user.

Questions:

1) Am I following the correct path for the scenario mentioned?

2) I tried and I can validate the user if the user is windows user but unable to get LDAP user from my application. Could anyone let me know what approach I have to follow?

Thanks.

Hardik

 

 

Oct 8, 2012 at 7:29 AM

Hello Andrea,

Any inputs on my above query? I am stuck on this since last few days.

Any help would be appreciated!!

Thanks.

Hardik

 

 

Oct 8, 2012 at 9:35 AM

Hello Hardik,

I can not understand the scenario. What do you want to do?

Please try to explain better and provide more details

Andrea Ferendeles / NetSqlAzMan Project Coordinator
Web / http://netsqlazman.codeplex.com
email aferende@hotmail.com

Da: HardikBhatt [email removed]
Inviato: lunedì 8 ottobre 2012 08:29
A: Andrea Ferendeles
Oggetto: Re: Using NetSqlAzMan to interface with Active Directory [netsqlazman:398160]

From: HardikBhatt

Hello Andrea,

Any inputs on my above query? I am stuck on this since last few days.

Any help would be appreciated!!

Thanks.

Hardik


Le informazioni contenute in questa comunicazione e gli eventuali documenti allegati hanno carattere confidenziale e sono a uso esclusivo del destinatario. Nel caso questa comunicazione Vi sia pervenuta per errore, Vi informiamo che la sua diffusione e riproduzione è contraria alla legge e preghiamo di darci prontamente avviso e di cancellare quanto ricevuto. Grazie.

This e-mail message and any files transmitted with it contain confidential information intended only for the person(s) to whom it is addressed. If you are not the intended recipient, you are hereby notified that any use or distribution of this e-mail is strictly prohibited: please notify the sender and delete the original message. Thank you.

Oct 8, 2012 at 9:57 AM
aferende wrote:

Hello Hardik,

I can not understand the scenario. What do you want to do?

Please try to explain better and provide more details

 

Andrea Ferendeles / NetSqlAzMan Project Coordinator
Web / http://netsqlazman.codeplex.com
email aferende@hotmail.com  

 

Da: HardikBhatt [email removed]
Inviato: lunedì 8 ottobre 2012 08:29
A: Andrea Ferendeles
Oggetto: Re: Using NetSqlAzMan to interface with Active Directory [netsqlazman:398160]

 

From: HardikBhatt

Hello Andrea,

Any inputs on my above query? I am stuck on this since last few days.

Any help would be appreciated!!

Thanks.

Hardik

 

 


Le informazioni contenute in questa comunicazione e gli eventuali documenti allegati hanno carattere confidenziale e sono a uso esclusivo del destinatario. Nel caso questa comunicazione Vi sia pervenuta per errore, Vi informiamo che la sua diffusione e riproduzione è contraria alla legge e preghiamo di darci prontamente avviso e di cancellare quanto ricevuto. Grazie.

This e-mail message and any files transmitted with it contain confidential information intended only for the person(s) to whom it is addressed. If you are not the intended recipient, you are hereby notified that any use or distribution of this e-mail is strictly prohibited: please notify the sender and delete the original message. Thank you.


Hello Andrea,

Thanks for your reply.

Furthur to my above query let me try to explain in detail:

Authentication: For Authentication, I want that when any user logs into the application with his/her username and password, I want NetSqlAzMan to take user credentials and authenticate the user with LDAP. so by that way I will not expose my LDAP details in my application and the application will only call NetSqlAzMan and the rest of the authentication work is handled by NetSqlAzMan.

Authorization: We have two different types of users, one is Administrator and one is Simple User. As per the requirement, If the logged in user gets authenticated by LDAP and is the Administrator user give him/her permission to see all the data of all the offices otheriwise if the logged in user gets authenticated by LDAP and is Simple user only allow him/her to see data related to his/here office.

Both the things I have to perform using NetSqlAzMan.

Could you please guide me on the approach to follow?

Thanks.

Hardik Bhatt

 

 

 

 

 

Oct 9, 2012 at 10:09 AM

Hello Andrea,

Any updates on my above query?

Kindly let me know if the scenario I am thinking is possible and can be implemented or not?.

Thanks.

Hardik

 

 

Oct 9, 2012 at 6:17 PM

Hello Hardik,

Sorry for the delay.

Regarding authentication, NetSqlAzMan does not deal authentication, so the way you're following is just “not supported”.

About Authorization instead, you can just create the two (or more) roles.

Then each user that will be authorized on one of two roles, you can associate one or more attributes (key/value) to obtain some “scope informations” (eg.: Office (key) - Sales (value)).

About using attributes you can see the pdf guide or watch video tutorials.

Regards,

Andrea.

____________________

Andrea Ferendeles / Technology Architect / EIDOS tel +39 06.76980665 / mob +39 347.5058727 / fax +39 06.76980625 email a.ferendeles@eidos.biz

Da: HardikBhatt [email removed]
Inviato: martedì 9 ottobre 2012 11:10
A: Andrea Ferendeles
Oggetto: Re: Using NetSqlAzMan to interface with Active Directory [netsqlazman:398160]

From: HardikBhatt

Hello Andrea,

Any updates on my above query?

Kindly let me know if the scenario I am thinking is possible and can be implemented or not?.

Thanks.

Hardik


Le informazioni contenute in questa comunicazione e gli eventuali documenti allegati hanno carattere confidenziale e sono a uso esclusivo del destinatario. Nel caso questa comunicazione Vi sia pervenuta per errore, Vi informiamo che la sua diffusione e riproduzione è contraria alla legge e preghiamo di darci prontamente avviso e di cancellare quanto ricevuto. Grazie.

This e-mail message and any files transmitted with it contain confidential information intended only for the person(s) to whom it is addressed. If you are not the intended recipient, you are hereby notified that any use or distribution of this e-mail is strictly prohibited: please notify the sender and delete the original message. Thank you.

Oct 10, 2012 at 8:25 AM

Hello Andrea,

Thanks for your valuable inputs!!

This will definately help me to go ahead with the implementation.

Regards,

Hardik