Comment Feed for Channel 9 - Demystified Series: WinForms App Single Sign On in 2 Lines of Code! http://ecn.channel9.msdn.com/o9/previewImages/100/151065_100x75.jpg Channel 9 - Demystified Series: WinForms App Single Sign On in 2 Lines of Code! Welcome to the Demystified Series where we seek to identify and present the strategic and critical pieces of information that a developer needs to get up and running, and feel confident, in building identity-aware, directory-enabled applications. Many developers are unaware of two information rich objects available to them for role-based validation and that can also be leveraged to verify authenticated access, essentially single sign on (SSO), to their application because the user has already logged onto the desktop. These are the WindowPrincipal and WindowsIdentity objects. The purpose of this screencast is to demystify how to leverage the rich information these objects provide – starting with just 2 lines of code. Sample code for this screencast is available here: - http://channel9.msdn.com/ShowPost.aspx?PostID=154871 For further information regarding Identity and Access Management, please visit: - http://microsoft.com/ad - http://microsoft.com/adam - http://microsoft.com/miis en Sun, 19 May 2013 14:30:34 GMT Sun, 19 May 2013 14:30:34 GMT Rev9 Re: Demystified Series: WinForms App Single Sign On in 2 Lines of Code!
What are you using behind the scenes? Is this basic AD? I am wondering how I would set this up.

posted by neilhut

]]> http://channel9.msdn.com/Blogs/donovanf/Demystified-Series-WinForms-App-Single-Sign-On-in-2-Lines-of-Code#c632727974600000000 Sat, 14 Jan 2006 01:04:20 GMT http://channel9.msdn.com/Blogs/donovanf/Demystified-Series-WinForms-App-Single-Sign-On-in-2-Lines-of-Code#c632727974600000000 neilhut Re: Demystified Series: WinForms App Single Sign On in 2 Lines of Code! Dear,

In Microsoft Visual Basic 2005 Express Edition, the line of code below

System.AppDomain.CurrentDomain.SetAppDomainPolicy(System.Security.Principal.PrincipalPolicy.WindowsPrincipal)

gives me the following error

Value of type 'System.Security.Principal.PrincipalPolicy' cannot be converted to 'System.Security.Policy.PolicyLevel'.

posted by guercheLE

]]> http://channel9.msdn.com/Blogs/donovanf/Demystified-Series-WinForms-App-Single-Sign-On-in-2-Lines-of-Code#c632732899220000000 Thu, 19 Jan 2006 17:52:02 GMT http://channel9.msdn.com/Blogs/donovanf/Demystified-Series-WinForms-App-Single-Sign-On-in-2-Lines-of-Code#c632732899220000000 guercheLE Re: Demystified Series: WinForms App Single Sign On in 2 Lines of Code! neilhut:
Thanks! The great thing about using the WindowsPrincipal and WindowsIdentity objects is that there is no set up required – yet these encapsulate information about Windows accounts whether the machine is domain attached or not. Therefore, simply pull in the appropriate namespace(s) and instantiate the objects required for either your single or repeated validation use. From there, if desired, the developer can interrogate the Name property to evaluate for a specific DOMAIN\ requirement for access to the application. The application could then be terminated with an error prompt based on the evaluation or possibly pop up another form to collect credentials for authentication to another identity store. Also, the Type property shows the type of authentication used to identify the user – Kerberos, NTLM, etc. There may be business reasons for the application to also make decisions based on this information.


guercheLE:
It appears that you need to adjust your syntax just a bit to:
AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal)

This should fix it. Smiley

posted by donovanf

]]> http://channel9.msdn.com/Blogs/donovanf/Demystified-Series-WinForms-App-Single-Sign-On-in-2-Lines-of-Code#c632737386860000000 Tue, 24 Jan 2006 22:31:26 GMT http://channel9.msdn.com/Blogs/donovanf/Demystified-Series-WinForms-App-Single-Sign-On-in-2-Lines-of-Code#c632737386860000000 donovanf