I would like my ASP.net MVC5 application to authenticate against my active directory. Using "Windows Authentication" when creating my project works fine but I would like to do that same thing using a interface similar to "Individual user accounts". That way my users would be able to log out whenever they want and log in again as a different user. All I want is "Windows Authentication" but with a login form and a logout option.
I have tried everything but nothing seems to work, is this so difficult to do?
Thanks in advance for your answers
Windows Integrated Authentication uses Kerberos, so the Webserver (probably IIS) will handle the Authentication for you - your application does not have a chance to intercept this behavior.
But there is a way to do what you want:
http://msdn.microsoft.com/en-us/library/ff650308.aspx
Related
This is bugging me, but think I traced the problem down to working on a Forms Authentication App and now I have switched back to trying to use Windows Authentication, but for some reason just wants to keep using Forms Authentication.
Have just the usual in the web.config, even tried Signing Out of Forms Authentication, but still insists on working in Forms Authentication.
So the up-shot is I get when trying System.Web.HttpContext.Current.User.Identity.Name is a nice Empty string and user is not Authenticated.
How do I get my Windows Authentication back ?
cheers
Michael
Check that the web application folder is configured to use Windows authentication in IIS, also check the content files, they should inherit the parent permissions. Also re-check the authentication mode in your web.config file, make sure it's set to Windows.
I have an silverlight application configured with windows integrated security.
I would like to emulate the "Sign in as different user" functionality
I would like to give the user, the option to click a button and show the
windows authentication login window, so that the user can enter the "User
name" and "Password" again using another domain account.
Is this possible and how?
(btw i found this question on another site but with no answers, I need the same thing so i copy/pasted a bit)
That's only doable if your ASP.NET application sends back 401.2 challenge to the browser. but the details are too complex, and you should avoid that if possible.
Forms authentication is a better option.
I have an ASP.NET application using Windows Authentication.
At the moment the only way for a user to log-off the application is to close the browser (it is a pain because closing the tab itself is not enough).
I would like to have a log-off button so make it easier to log-in as a different user.
Is it possible at all (IE and/or Firefox)?
Thanks.
Found it:
ASP.NET Windows Authentication logout
You should use forms auth if you want to show good ui login, logout forms.
Via IIS you can verify ldap users.
I am trying to figure out how to implement an ASP.NET page with Windows Authentication without getting that annoying IIS login box.
I currently have 3 domains in my network so all the people logging in would have to prefix their user names with the domain. This is not user friendly. I would like to have a custom login page that would have a domain combo box.
Most examples I found implement this using Form security, however I need Windows Authentication since I want to connect to the SQL server using Integrated Authentication rather than a hard coded user name and password.
Does anyone know of a good article or sample code that shows how to implement this?
The following links to an article that explains how to authenticate a windows user using forms authentication, it uses a call to the native win32 api function LogonUser to acheive this. This way you can design your own custom login page with a drop down list to select a domain. Take a look, perhaps it will help.
Windows Authentication using Form Authentication
To get this setup so you don't have the authentication prompt, you are going to need to have the domains trust the accounts from one another. This article should get you pointed in the right direction:
http://technet.microsoft.com/en-us/library/cc787646%28WS.10%29.aspx
I have authentication mode set to forms in my asp.net web.config but am still getting a windows login prompt when i browse to the website.
Could authentication mode be set elsewhere, in IIS for example? My site runs on IIS 6.
Thanks.
This could be because the permissions on the folder that is being served is not allowed to be accessed by the user running the web site
I have had issues where the authentication was set to forms and the directory security was set to allow anonymous, but some resources (images in my particular case) did not have the proper permissions to allow the anonymous user to read them.
The effect is that the user was prompted to login so that the graphics could be displayed, after which the form was displayed and the user logged in (again) with the intended form.
Sounds like windows permissions problem.
Windows permissions will always override anything that you have set up in aspnet.
I would start by looking at "anonymous access" permissions in IIS admin, then work your way through the file system.
You have configured anonymous access in IIS Administrator, but the IIS user does not have permission to access the filesystem, defaulting to the login dialog to authenticate as Windows user.
As it happens a colleague updated my machine to .NET Framework 3.5 SP1 whilst I was away. So I compiled my project and released onto the server which does not have SP1 installed and the above happened.
I've installed SP1 on the server and it's working fine now.
Thanks for all your input.
Just to clarify : the login popped up because the application was unable to load a file due to the problem described in the following: Link