I have a website deployed on IIS 7 . And want one of my pages authenticated by windows authentication. But While trying this I am getting error "This feature has been locked or Read Only".
View 1 RepliesI have an application that ran fine on a Win 2003 box using windows authentication. After installing the app on a 32-bit Windows Server 2008 box the users are now prompted for domain credentials every time they call the site. I went into IIS manager for IIS7 and disabled anonymous authentication and enabled windows authentication. What do I need to do here for the user to not be prompted for the credentials?
View 5 RepliesI've got an ASP.NET web app that uses Crystal Reports XI Release 2 (Service Pack 4 + Fix Pack 4.1), and when I use Windows Authentication, the report still passes the application pool identity to the database instead of the user's identity. Every other portionof the program sends the user's identity (checked using SQL profiler). I know I've gotten this working on a client's windows 2008 server before, but I don't have access to that machine to make a comparison with the one I'm working on. I'm pretty sure it's an IIS configuration issue, but I can't seem to find the thing that's causing the Crystal reports to behave differently from the rest of the application.
View 2 RepliesWe have windows authentication set up on our staging server for our clients to help prevent google from indexing our staging URLs. We recently found out that one of our sites is seemingly ignoring our IIS settings (anonymous authentication is disabled, windows authentication is enabled). We ended up figuring out that removing the setting runAllManagedModulesForAllRequests="true" on the modules node (which is required for our URL rewriting on the site) fixes the issue and the windows login/password box appears as expected when we browse to the site. If we keep the setting there, the site allows any anonymous user to browse the website.How can we keep anonymous authentication off while keeping runAllManagedModulesForAllRequests set to true?
EDIT: We realized that we have other sites where this setting is on and windows authentication is working just fine. This only appears to happen in our ASPDotNetStorefront websites. I'm now wondering where I should check to see what is causing this issue - my guess is some sort of custom authentication module, but I don't have enough knowledge to figure out where to start debugging this.
I web application is in asp.net with Access databasesome times my application giving this error message "Could not read the record; currently locked by another user." or "Could not update; currently locked."I am using IDbConnection and IDbTransaction object.
View 2 RepliesJust going to start making a web application and was wondering which was better, or at least what are the main differences between them (as it probably matters what I am using them for)?
View 3 RepliesI am able to get a token with Windows Live Delegate Authentication samples provided by Microsoft.
Now I want to access emails (New, Read, Unread etc) from live account. How can I achieve it with the help of Windows Live Delegate Authentication? Are there any examples for the same?
The Samples given by Microsoft are not related to emails.
I have just installed SQL Server 2005. I selected windows mode authentication. I am not able to login in management studion. Now, I want to use mixed and server authentication option inplace of windows authentication. so, would that be possible after installation.
View 2 RepliesWhat's the difference between Basic Authentication and Integrated Windows Authentication in IIS?
View 3 RepliesI set authentication mode to Windows in the web.config and I enable Windows Authentication and disable the Anonymous Authentication in IIS 7 on win 7, but HttpContext.Current.User is always null.It works fine when I host the web app in IIS 6.0.
View 1 RepliesI have been trying to avoid the windows login userid and password window when I use the Windows Authentication mode for a web site. I need to capture the the windows logon user name without prompting for the user id and password and display that on the web site. I had tried almost everything... changed authentication,security setups on IE and IIS etc... still not being able to avoid the window...
View 1 RepliesI'm trying to enable automatic Window authentication working on our ASP.NET Intranet. I've changed the Authentication on our IIS 7.5 server from Anonymous to Windows Authentication Enabled only, and changed the Web.config file for the website to:
<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>
The Windows login box appears when accessing the website via IE 8, I enter valid credentials, but the login window keeps reappearing as if it does not accept my credentials. By repeatedly cancelling the login box it disappears, and my login name can be viewed on the website. Is there any possible reason for the login box to keep popping up even though valid credentials are being entered? I've restarted the servers / cleared browser cache etc. Also, ideally I would like the user to enter the login details once in the login box and not be required to reenter login details whenever he reopens the browser.
What do I need to do in order to change an application from Forms Authentication to windows authentication?
View 2 RepliesI have a web application (intranet based) which uses Windows Authentication. Unfortunately there are public computers that have public logins at some company locations. My web app doesn't support these public logins because I need to know the user workingSo, even though these public users are windows authentication users, my app will fail because I have no user account setup for that particular account. I want to then try Active Directory Authentication.In my Default.aspx.cs I'd have something like this
protected void Page_Load(object sender, EventArgs e)
{try
userContext = new UserContext(); // If the authenticated user isn't a user in my system then throw an exception
}
[code]...
We have a working version of application (Intranet) with uses Windows Authentication deployed in Windows 2003. The application uses HttpContext.Current.User.Identity.Name to get the logged-in user. Here impersonate is turned off.Right now, we are move to Windows 2008 RC2 where this Windows Authentication problem arised. I have Digest Authentication and Windows Authentication enabled. And also I have enabled Anonymous Authentication enabled to avoid the Login dialog of IIS in the end-user IE. Now I am getting HttpContext.Current.User.Identity.Name as Empty. When I impersonate using username and password, I am used to login using that user but all the users uses the same user to login.Does any has solution for this?Deployment Server - Windows 2008 RC2 (IIS 7.5)Development - Windows 7 (IIS 7.5)I am new to IIS 7.5. Please give me a solution
View 3 RepliesMy overall goal is just to get the logged on users information for an Intranet site I'm developing without them providing their login (since they are already logged into their computer). So far I just get 401.1 errors and it keeps asking for my login/password. Even though I provide my login/password, it still won't let me in.
I've Enabled Windows Authentication from IIS > Sites > Default Web Site, added this to my web.config:
<authentication mode="Windows" />
<authorization>
<deny users="?"/>
</authorization>
My Application Pool is setup as Integrated / ApplicationPoolIdentity for .NET Framework 2.0.
I've been asked to convert an asp.net application from forms authentication with roles using the aspnetdb database to use windows authentication instead.
what is required to do this? can I still use the roles defined in the app and stored in aspnetdb?
I have an (ASP.NET 3.5) intranet application which has been designed to use forms authentication (along with the default aspnet membership system). I also store additional information about users in another table which shares its primary key with the aspnet_users table.
For users who are part of our domain I store their domain account name in the secondary users table, and I want to automatically log in users whose domain account name matches a name stored in the table.
I have read the guides which are available - they're all from two years ago or more and assume that you are able to activate Windows Authentication on a separate login page that allows you to extract the domain account name. From what I can tell, though, this is not possible in IIS7 (the overall authentication method is applied on all pages and cannot be selectively deactivated, and both authentication methods can't be applied on the same page).
Is there a way of getting IIS to pass through the windows domain account name of the requesting user? I don't need proper AD authentication, just the domain name.
Is it possible to disable windows authentication on one or more subfolders of an ASP.net application using windows authentication?
For example:
A website contains several other folders that contain parts of the overall application: /frontend,/backend, /login
The bin folder is on the same level as these subfolder, i.e. the root of the website.
All of these subfolders contain pages that use binaries that reside in the bin folder of the root of the website.
The user must input windows credentials when visiting a page in the backend folder, but not when visiting a page in the login or frontend folder.
I am developing one intranet website. Being an intranet application, one of the requirement is to have a single sign on feature.
It means that the windows PC username (i.e the "ctrl + alt + delete" username) is going to be the username for the system.
How do i fetch that username?
I tried the following two ways which are working in debug mode but not on live site.
System.Security.Principal.IPrincipal user = System.Web.HttpContext.Current.User;
Response.Write(user.Identity.Name);
&
Response.Write(Request.ServerVariables["AUTH_USER"].ToString());
Both the above method works when i run the page from visual studio.
However when i run the page from IIS or any other server, it gives me a blank value
I'm having a tough time implementing mixed-mode authentication (windows & forms based) for my application using IIS 7. Doing it in IIS6 is easy, but the process doesn't translate to 7/7.5 - and my research has led to me to conflicting answers, none of which.
I have redirect page called WindowsLogin.aspx, and a forms-based one called Login.aspx. I'm having difficulty enabling Windows authentication for just WindowsLogin.aspx.
I have an ASP.NET web application that is using forms authentication. Everything is configured and working correctly. However, i'm dealing with the issue of creating and maintaining users and role membership.
I know that I can roll my own solution but I'm wondering if there is an alternative solution?
Does iis7 provide screens for managing forms authentication users? Is there a reliable, free solution that someone would recommend?
I have a website on IIS 7. This website has a HttpModule with an AuthorizeRequest event handler. This event does not fire for CSV files and I can access the file without logging in, I guess this is because IIS7 is not configured to require form autentication for CSV files.
View 2 RepliesI'm writting a software in C# and .NET to manage my store, which has a site where you can go and opt in to receive a sellers person visit. This site has an behind the scenes manager, but I want the software to do this instead, effectively removing the browser manager and the first step towards this goal is to allow the software access to a PHP script that generates tha XML file required.
The problem is, the login mechanics, written in C# and using web.config, doesn't allow the software to access the said script, which is inside a protected folder for the browser manager. I already tried using HttpWebRequest object, WebClient object with lots os combinations of post, credentials, streams and even a special user-agent to try and login, without success, I can only download the login page.
Here's the code I'm using to download data at the moment (That's my latest try, using the special header):
string agent = "AGENT"; //Not real name, it's just confidential
WebClient client = new WebClient();
client.Headers["HTTP_USER_AGENT"] = agent;
client.DownloadFileCompleted += new AsyncCompletedEventHandler(DownloadFileCompletedEvtHdl);
client.DownloadProgressChanged += new DownloadProgressChangedEventHandler(DownloadProgressChangedEvtHdl);
if (!Directory.Exists(toSavePath))
{
Directory.CreateDirectory(toSavePath);
}
if (File.Exists(toSavePath + filename))
{
File.Delete(toSavePath + filename);
}
client.DownloadFileAsync(new Uri(url), toSavePath + filename);
The login page is pretty simple, it only assings a click event to the login button to check if the user and password are the same in web.config. If true, got to redirect page, else, error.
So, what's the best method for this? Is there any way to configure IIS7 to skip the authentication on that special user agent or some other custom header? Or I'm going the wrong way?
I am trying to implement single sign on for users within our domain and if the are not then they get re-directed to the login screen to use forms authentication.
I have followed this tutorial below
however I get two issues firstly if I go to my forms authentication page no css or images now display and if i try to login i get an error.
If I go to the login page which should recognise me from the AD I get 401 - Unauthorized: Access is denied due to invalid credentials. You do not have permission to view this directory or page using the credentials that you supplied.
[URL].....