Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Security / October 2004

Tip: Looking for answers? Try searching our database.

Windows authentication and availability

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
howard@nospam.nospam - 12 Oct 2004 22:25 GMT
We are currently deploying an ASP.Net intranet application to our WAN. The
application uses integrated Windows authentication. At present, each time
there is a post-back, our code gets the user’s credentials and queries to see
whether the user is a member of certain Active Directory groups.

In order to improve availability in various disaster scenarios, we deploy
the application to a separate server at each of our 25 physical locations
around the country. There is also a separate domain controller at each
location. The idea is that even if the WAN fails, our application can still
run, provided that the local network is still up.

I have two questions regarding availability in various disaster recovery
scenarios.

1. If the local domain controller fails, will post-backs fail because of our
use of integrated Windows authentication?

2. Each time we query the user’s credentials, are round-trips to the domain
controller involved, or do the credentials get cached somewhere? We would be
willing to assume that the user's credentials don't change during a single
ASP.Net session.
Reply to this Message
Paul Clement - 14 Oct 2004 20:21 GMT
¤ We are currently deploying an ASP.Net intranet application to our WAN. The
¤ application uses integrated Windows authentication. At present, each time
¤ there is a post-back, our code gets the user’s credentials and queries to see
¤ whether the user is a member of certain Active Directory groups.
¤
¤ In order to improve availability in various disaster scenarios, we deploy
¤ the application to a separate server at each of our 25 physical locations
¤ around the country. There is also a separate domain controller at each
¤ location. The idea is that even if the WAN fails, our application can still
¤ run, provided that the local network is still up.
¤
¤ I have two questions regarding availability in various disaster recovery
¤ scenarios.
¤
¤ 1. If the local domain controller fails, will post-backs fail because of our
¤ use of integrated Windows authentication?
¤

Not if you have a backup domain controller by which authentication can occur with respect to
resource access.

¤ 2. Each time we query the user’s credentials, are round-trips to the domain
¤ controller involved, or do the credentials get cached somewhere? We would be
¤ willing to assume that the user's credentials don't change during a single
¤ ASP.Net session.

Credentials (user ID and password) are cached at the browser level on the client.

Paul ~~~ pclement@ameritech.net
Microsoft MVP (Visual Basic)
Reply to this Message
howard@nospam.nospam - 14 Oct 2004 21:51 GMT
Is information from Active Directory, namely group membership, cached?
Reply to this Message
Paul Clement - 15 Oct 2004 13:20 GMT
¤ Is information from Active Directory, namely group membership, cached?

No, not automatically. If you are querying AD with ADSI or DirectoryServices programmatically you
would have to implement one of the various state or caching mechanisms in code if you wish to retain
this information between trips to the web server.

Paul ~~~ pclement@ameritech.net
Microsoft MVP (Visual Basic)
Reply to this Message
howard@nospam.nospam - 15 Oct 2004 17:15 GMT
Thanks!

> ¤ Is information from Active Directory, namely group membership, cached?
>
[quoted text clipped - 4 lines]
> Paul ~~~ pclement@ameritech.net
> Microsoft MVP (Visual Basic)
Reply to this Message
Patrick.O.Ige - 21 Oct 2004 11:24 GMT
How can i do these Caching mechanisms?

> ? Is information from Active Directory, namely group membership, cached?
>
[quoted text clipped - 4 lines]
> Paul ~~~ pclement@ameritech.net
> Microsoft MVP (Visual Basic)
Reply to this Message
Paul Clement - 26 Oct 2004 17:18 GMT
¤ How can i do these Caching mechanisms?
¤

See the following:

Caching Architecture Guide for .NET Framework Applications
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/Cach
ingArchch2.asp

Paul ~~~ pclement@ameritech.net
Microsoft MVP (Visual Basic)
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.