I have an Intranet which is on IIS 7.0. I want to authenticate my users and know who is logged in. What options do I have to set in IIS Authentication part that my users do not need to type their user name and password to login to Intranet. I have set the Authentication to Basic and Impersonation, but it is asking user name and password.
View 3 RepliesThis could be very straight forward for some of you, but I got caught up. I am doing very simple test - browsing from IIS Manager to see the default page or "under Construction", however I am being challenged to provide my login credential . When I provide my login credential, I am able to see the default page. I wanted to see the default page without providing my credential since Enable anoymous access + basic authentication I am simply wanted to see the default page asit is working on other servers except this one. I have included screen print to make sure may question is clear.
View 3 RepliesWhat's the difference between Basic Authentication and Integrated Windows Authentication in IIS?
View 3 RepliesI have been looking for code samples on how to do impersation with forms authentication for the current logged on user. I have found samples on the internet and this site and most seem to refer to windows authentication not forms. I am wanting to run specific blocks of code under the current user's credentials to access lists of files on servers on the internal network and display them in the page.I found this article on MSN for using impersonation in various ways, http://support.microsoft.com/kb/306158 and I was able to use the section of code where it describes how to Impersonate a Specific User in Code. This works quite well with forms authentication but requires a service account in AD with login and password. One the same page is a sample of how to impersonate the authenticated user in code, but this only seems to work with windows authentication. As have all other samples I could find, such as the article here,http://www.codedigest.com/codedigest/9-identity-impersonate-at-code-level-in-asp-net.aspx. But trying those with forms authentication results in the error "Unable to cast object of ype 'System.Security.Principal.GenericIdentity' to type 'System.Security.Principal.WindowsIdentity'" Since there is no windows identity with forms authentication.Can anyone point to an article that describes how to do impersonation with forms authentication at the code level?
View 4 RepliesI've written a small ASP.NET 3.5 application to allow users to update selected account attributes on their own. Everything works fine when I use Basic Authentication, but because the dialog that is presented is less than ideal, I'd like to use forms authentication to give the users more instruction on how to log in. My problem is that in order for the user to update their account information, I have to have the application impersonate them for the update actions. I've scoured the internet trying to find a solution to my issue, but nothing fits or works. I have tried setting the web.config:
[Code]....
I also tried using the LogonUser method to create a user token and backend the authentication that way, and it doesn't work either.
[Code]....
I'm looking to implement my own basic webforms authentication. I don't want to use the 'membership' features in this case because I don't want to modify the database schema with all the membership elements that I won't use, and I don't need to support users across multiple applications. I want to wind up with one simple 'users' table that has username, password, passwordSalt, and several other fields to support custom user attributes specific to this application.
I was looking at this:
http://www.xoc.net/works/tips/forms-authentication.asp
but it's rather dated... is this still valid? I'm looking for guidance on what I need to do to implement a custom webforms auth solution. A very basic skeleton I can expand upon, or a good tutorial/guide that illustrates the necessary parts... just the basics..
I'm trying to enable passthrough or impersonation authentication inside an ASP.NET website that uses the TFS2010 API.I've got this working correctly with Cassini, however with IIS 7.5 (Windows 7) something is going wrong.I found this blog post on the subject, and tried the following:
private static void Test()
{
TfsTeamProjectCollection baseUserTpcConnection =
[code]...
I have a web page that calls a WCF service that makes a sql database call using Integrated Security. I get an error saying, "Login failed for user 'CorpDomainServerName01$'". I want it so that it all layers will execute under the user's AD credetials (working in an intranet), ie: "CorpDomainAlbert". On the server (Win 2008/IIS 7), I have Windows Authentication turned on and everything else off (including Anonymous) under Authentication for both the web client and the WCF service. Here's my client web.config:
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0"/>
<authentication mode="Windows"/>
<identity impersonate="true"/>
<customErrors mode="Off"/>
</system.web>
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding name="NetTcpBinding_IMyService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="10" maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10" maxReceivedMessageSize="65536">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />
<!--<security mode="Transport">
<transport clientCredentialType="Windows" protectionLevel="EncryptAndSign" />
<message clientCredentialType="Windows" />...........................
I been strugling with this for 2 days now without comming any closer to solution. I have read 20-30 threads alteast and stil can not resolve this.I have disable anonymous authentication, enable asp.net impersonation.I have added <identity impersonate = "true" />I have added the a user to the security logins that is connected to the database I try to connect tThis is the connectionstring I use:
Data Source=IPTOSERVER;Initial Catalog=Phaeton;User Id=User;Password=Password;errormessage
In my asp.net MVC 3 web application, I want to implement basic authentication system in my webapp. I have been searching and reading for past two days but still not able to get a hold of it.
I was following [URL]
I created a CustomMembershipProvider class in my models
[Code]....
In my webconfig file, I do have [Code]....
Now, I created a AccountController, in that I added following code
[Code]....
After that I added view fo Logon
[Code]....
Now, the first problem which I am facing is, when I Debug the webapplication, I get HTTP404 error. Url generated
[URL]
But when I try to open
[URL]
I need to create an application (ASP.NET or WinForms or Windows Service, not sure) that needs to make a call to a url including username and password for basic authentication and have the url return a csv file. I then need to use the csv file in the application. I don't know how to do this. How do I call the url in my app. There can be no user interaction, it needs to be completely automated in the returning of the csv file.
View 2 Repliesi call my project web service, previously there was no pre-authetication. Now i didn't work web service. My code is as follows:
[Code]....
I have an app that uses impersonation to gain access to a database (on server separate from IIS). The app connects to the database using a trusted connection and seems to be working just fine. However, we get these logon failure events in the security event viewer:
[Code]....
It must have something to do with impersonation because the login failure is for the domain account which my app is impersonating under. But again, the app is working fine so I'm having a hard time figuring out how to stop these logon failures.
We have Novell's Access Manager protecting our site. After the user logs in, Access Manager forwards the request back to a web page. On that web page, I need to read a combination of some Basic Auth username information as well as some custom header variablest that AM is passing to the web page. AM will continue to send these variables/values on every page as long as the user stays logged in.
What I'd like to do is create a class that checks for these values to evaluate whether the user is logged in or not. How do I gain access to those variables from a .cs class file?
I have an XML web service where the authentication used is BASIC WINDOWS. Following is my client code to connect to the service.
[Code]....
Now, the issue is that the client is really authenticated only in the first attempt(First time I execute the code in VS). Further attempts succeed even if the code to assign credentials is commented or even after providing wrong user id/ password. I ensured that the server is hit each time(Just to make it clear that it not just because of client side caching).Is this the behavior of Basic authentication/credential cache. I would prefer the client be authenticated each time he hits the server.
what is impersonation in asp.net? Is authentication and impersonation both are same ?I googled and found both are one type of security.
View 3 RepliesWe are in the process of building ASP.NET windows auth application. Where user need to interact with other internal system using the same single sign on. To interact application DB the system relies on App Pool account, for this we are every time doing the imporsanation to before every DB call. We can not have all useres added to DB, or create an SQL account. Which requires password and user to store in Web Config. We can encrypt it again you encrypt with what and etc ..So we have one windows account wihich same windows account used for our app pool as well.
I would like to know from the team is what is the best way to do the DB connection in this case?What is the implcations if we imporsanate the DB calls based on the app pool account ? Is it a best practice? I have read it creates its own thred and stuff, Do we need to worry ?
I noticed impersonation is turned on by default in MOSS web configs. I tried disabling it but the web app returns an error. So my question, is it possible to disable impersonation in MOSS? If it is possible are there any special considerations I should be aware of?
If you're interested in why I need to do this...I need to have a custom web part (developed with SmartPart) talk to a separate SQL server using the application pool rather than the current user (Kerberos is enabled). If I set the authentication mode to NTLM I get NTAuthority/ANonymous login errors from my SQL connection. If I turn Kerberos on, the currently logged in user's credentials are passed. If I hard code the user id and password in the connection string it seems to ignore it and default to whichever security model is in place (NTLM or Kerberos).
I've added the identity tag for impersonation. I've configured my site under IIS 5.1. The identity i've added is my domain username/password. But when I run any exe file from my asp.net file, it still runs under "aspnet" user name.
View 1 Repliessuggest me a good Video to look at that can give me a start on how to use Impersonation?
View 1 RepliesI am trying to use impersonation on an IIS server while I access Active Directory data. The following code works fine on the localmachine but when I put this same code on an IIS server I get an error: System.DirectoryServices.DirectoryServicesCOMException: An operations error occurred.
If I remove the top 4 lines and add my ID and passcode to the DirectoryEntry, everything works fine. I would prefer to not have my id and passcode anywhere on the web. Any ideas on how to fix this? Dim impersonationContext As System.Security.Principal.WindowsImpersonationContext
I am using impersonation in my ASP.NET application to access network resources. It works fine when I run on my computer, however when I setup the site on IIS6, it does not work. Is there some extra configuration, I need make in IIS for it?1. I created an account "TestUser" with the privilege as "act as operating system" on a server that has the resources which I want to access.2. The impersonation works fine on my computer, when I run from visual studio. My computer is on the network under same domain where the "TestUser" is created.
View 5 RepliesI am running ASP.MVC 2 with LINQ2SQL on IIS 7.5. I have enabled Windows Authentication with ASP.NET Impersonation. Application pool is running on different domain account [AsiaTestWebUser] is part of windows group [AsiaTestUserGrp]When i enable Asp.net impersonation on MVC web site. Once i hit LogOn from the default page , it's throwing me with below error message
[Code]....
In my Web.config of my ASP.NET app I have set below:
<authentication
mode="Windows"/>
<identity
impersonate="true"
/>
I have a service account SvcAcc to manage contacts (add/update/delete contacts) for all the exchange users. I Impersonate using the below cmdlet to manage contacts but it also allows SvcAcc to perform other functions (such as send email etc) on behalf of the user.
cmdlet
New-ManagementRoleAssignment -Name:impersonationAssignmentName -Role:ApplicationImpersonation -User:serviceAccount
//impersonation code
service.Credentials = new NetworkCredential(ServiceAccountUserName, ServiceAccountPassword, domain);
service.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.SmtpAddress, userEmail);