Hello All,
I have a current project that is working as expected. I use ADFS to authenticate the users to a simple asp.net site. This is not a MVC. I used an empty site and then created the pages. After the ADFS authentication I want to restrict what pages are available based on their AD account, admin or user. I have researched myself into stupidity at this point and not sure how to get this working. My setup includes, Windows 2012 R2, SQL 2014 Enterprise and IIS (not express). I have read that this requires a database to store the roles and users. However I am unsure how to setup this in the project. Others have mentioned that once I create the roles, just use IsInRole(role) and add it to my web.config, this was the example provided:
<location path="Page.aspx"><system.web><authorization><allow roles="Admin, OtherAdmin" /><deny users="*" /></authorization></system.web>
I only need two roles, admins and users. I believe I have the claim rule setup correctly in my relying trust.
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
=> add(store = "Active Directory", types = ("http://schemas.microsoft.com/ws/2008/06/identity/claims/role"), query = ";tokenGroups;{0}", param = c.Value);
I am stuck on how to implement the database and creating the roles, associating that to the project and having the AD account role limit the users view in the site. Any help would be greatly appreciated. One point to keep is that I have never coded nor do have any experience with asp.net, this is my first project. Thanks in advance.
