We would like to use AD authentication with our Intranet site to control what pages different users can access. I'm very new to ASP.net and would be interested in links to a how to description. We are using Visual Studio 2008.
View 1 Repliesi m trying to set up an Intranet site with Windows Authentication. I have configured the web.config as shown below.
<authentication mode="Windows">
<roleManager enabled="true" />
I wanted to do authorization by roles so
<authorization>
<deny users ="?"/>
<allow roles="D820MySite_Developers, D820MySite_Admins"/>
</authorization>
I'm in the D820MySite_Developers group. When I attempt to login, it wants my password. I thought that with Windows Authentication it should not prompt for the password. If is use <allow user="*"/> it does not.
1. Is this the correct behavior?
2. My aspnetdb does not appear in the App_Data folder. Should it and is this causing the problem. If it should be there, how do I get it there?
3. I was under the impression that by using Windows Authentication, I can prevent users from accessing pages by folder. Is this provided by IIS or is this provided by Windows (using Windows Explorer)?
I'm trying to set up Windows authentication on an intranet site. I have this code in the web.config:
<system.web>
<authentication mode="Windows"/>
<authorization>
<allow users="domainuser, domainuser2" />
<deny users="*" />
</authorization>
</system.web>
I can log in with my own credentials, but I have virtually all the rights in AD. User2 can not log in. The website is set to use Windows authentication in IIS manager. And I've tried setting permissions in IIS manager and NTFS permissions for the folde
I am trying to build a web app for an intranet site that for security reasons needs to make the user type in their Windows or Active Directory username pwd manually. I have previously worked with Integrated Windows Auth but in this case, we do want them to use type in their AD credentials.
I have been trying to look up how to do this and frankly I am a bit lost. It should be a fairly straightforward task and am hoping you can point me in the right direction, with some tutorials or examples. We will be using SSL so, dont have to worry about passing pwd in cleartext over the wire.
My environment is visual studio 2008 in C#, .net 3.5 if that matters.
We also have sales rep that take call and use the same website to take the orders.
My boss wants me to allow the SR to only be able to take orders if they are in the network itself. When I ask why he tells me "just because".
I'm sure there's a way but I can't see it at the moment. How do I go by doing that? Also keep in mind that if the SR is outside the intranet, he can't be allowed to enter his active directory login/password (so the login window must not even show).
I've a project using windows authentication and it will be used in intranet. The client itself already have a web application in their intranet and they built it with Java (they used windows authentication too). The problem occur when they want my web application only appear within their application content section.
What should I do? I did think about using iframe but some people said it's evil. And if I'm going to use iframe, is it save? My web application will use a few pop up window/modal window and ajax.
The company I work for has a web app running on IIS that has been strictly internal (uses a port other than 80 not accessible to the internet). Recently we started using mobile devices and need to access it over the internet. So I simply made it part of our company web site and secured that portion using forms authentication. The problem is that it is also our home page in the office and it is a pain to be logging in several times a day. In fact some of the staff are irate they have to login in at all when at their workstations. Is there a way to by-pass authentication when the referrer is http://servername/ and still enforce it when accessed via http://www.domainname.com?
View 1 RepliesWe are having an issue with the windows authentication and IIS restart for asp.net application Our environment is an intranet site (an asp.net application ) that uses windows authentication, uses integrated security application pool, physical path credentials are set for a service account, who is admin for sql server, IIS etc. web.config - Connection string has Integrated Security = true, authentication = Windows, and authorization - deny *, allow = security group. Anytime we start - stop service (or restart) (IIS); and hit the website thru some other machine IE, it fails to show the website (401.2), and any subsequent hit to the website doesn't go thru.
However when we start the service, and hit the website on server's (where website is deployed) browser first time then everything works fine for subsequent hits from anywhere as long as authenticated on corp net and member of security group configured in web.config. This behavior however goes away if we uncheck the configuration "Enable Kernel-mode Authentication" on the asp.net application. ( but then Firefox browser stops working with this configuration!!) Why such behavior? In the documentation it states its recommended to keep it enabled. What is recommended way of publishing a website with windows authentication enabled? Any side effects of "Enable Kernel-mode Authentication" being unchecked ( other than what we found for firefox not working) Environment : IIS 7.5 windows 2008 Server R2, VS2008, SQL Server 2008, ASP.NET 2.0
We have developed a website in asp.net using windows authentication and deployed it on the intranet (IIS v6.0). Most of the times, when users try to access this website they are taken straight to the website, but occasionally some users get a prompt to enter their windows username and password. I understand that this could be caused because of several reasons like:
Cached active directory password. Recently active directory password changed. Active directory account locked out. I want to fix this issue for good because it is annoying the users.
I have 2 website A and B.
B site with windows authentication
I want to open B site as new window from A site, so its ask for windows credential. I have credential in A site. I am opening B site using Javascript.window.open.
how i can set credential for B site from A site.
To work with the ASP.NET 2.0 Membership and Role, we will use Forms authentication for the public Internet.
On the other hand, we use Windows authentication for Intranet applications. uestion: In a website with Windows authentication, can I still have some kind ofole management for different
groups of the Intranet users? If yes, how?
I am taking an existing ASP.NET site with authentication, membership & roles and updating it. In the process I am pulling the authentication portion off of the site and using an SSO (through Central Authentication Services - CAS). I need to retain the use the membership and roles of .NET. Right now my site allows users to add an account and I approve and add them to groups. Since I will no longer do the account management I still need a way to add them to the proper groups once they have an account.
The question is sort of a chicken/egg question... Since I am the admin I need to add myself first, but since the authentication is no longer local how do I do this? Do I develop a special function just to add my account and then other pages to manage the rest?
I'm working on a new project and I would like to use forms authentication to protect the necessary pages. The project is going to be focused on companies where a company would create an account and have multiple users. Each company should have its own data and should not be able to see other companies' data. What would be the best way to go about this? I've considered using a subdomain for each company which would tell the application which membership provider to use. I've also considered using an additional credential such as company ID to specify which company the user is logging into.
View 7 RepliesI have an intranet site that i set up to windows authentication. It works fine most of the time but some departments wont be able to access the site and will be asked to enter user name and password.I checked their Active Directory account and the only difference i could see was that the organizational unit parameter was different than the rest of the users.
View 5 RepliesWe have a link in our site that pin points to sharepoint documents and we are retreiving some documents files (*.doc). Our sharepoint uses IWA (integrated windows authentication) which is prompted if we're trying to access that documents, unfortunately we don't want to prompt that window to authenticate the user. We need is to create a username and password and authenticate it. how can we do that.
Note* we have 2 server one for our application and the other one is for sharepoint.
I have built my intranet using MS Visual Web Developer Express 2008. There are several secured areas and my manager asked me to find out if tracking the traffic is possible. Things that I would need to track include:
Which unique user ID's logged in and when? How many times did the same user login? Last login What info was accessed? What page(s) had the most hits? Would I need a database for tracking purposes? Would this info be available with a "dashboard" interface?
Do any of you guys have experience using Active Directory and the Intranet Zone to silent authentication with a local web site? I've done it in the past with 1.1 and 2.0 .NET, but this 3.5 site I have written doesn't seem to be working for some reason.In the past, how I have done it is:
In web.config, set:
<authentication mode="Windows"/>
In IIS 6, under directory security, check Integrated Windows authentication and Digets authentication for Windows domain servers, and set the realm to my domain, and uncheck Enable Anonymous access.The I add the Host Header for the site to the corporate Intranet Zone in Internet Explorer under trusted sites using Active Directory.And that's basically it. I've done it on plenty of intranet sites before, but with this 3.5 application I am still being propped to login. Anybody see any steps I missed?
I have an an intranet website running under IIS6 (under a specific port, not the default one) with a integrated windows authentication enabled and uses an application pool configured with a service account. the issue is, if I access the website using the server name with a fully qualified domain in the URL, it throws a login prompt (doesn't work even if enter my windows login credentials), but if I use the IP address of the server then it works fine. I need to do to get the URL with server name working.[URL]
View 3 RepliesI've an ASP.NET application hosted inside a local area network. The application host machine has access to the internet while the local area network clients do not.
There is one requirement where I've to show a web page with rich content (images) in an IFrame from internet (public network) address.
However since internet access is not available on the client, this somehow has to be done from server and then needs to be served to client.
How can this be done?
An abstract high level idea of where to begin as I am totally clueless at this point.
Background:
I am setting up an intranet site (ASP .NET) where users from our local user group (who are also added in our user table) will have access to web applications they are given access to. Right now I am developing from my PC and using SQL Server 2005 Express as the database, but the final site will be hosted on an application server with IIS 6.0 and the database on an instance of SQL Server 2005. I am a .NET newbie and it's a daunting task, but the experience is worth a million dollars.
Details:
We are using Windows Athentication for our intranet site. Therefore I am not using ASP .NET's membership data sources. Rather all the user information will be stored in two tables tblEmployee (all employees in my company) and tblUser (all users of the intranet site).
tblEmployee has fields - EmployeeID, FirstName, LastName, CostCentre, Role, ManagerName, UserID
tblUser has fields - EmoployeeID, UserID, ApplicationID, AccessLevel, AddedBy, DateAdded
(I have set up these tables and I can change them any time).
What I need to accomplish - When an user goes to the intranet site, I can get his/her domain username. I need to check if this user exists in tblUser (domain username is same as UserID in tblUser). If user exists, we display all the applications he/she has access to, else display a "no access" page.
Specific questions:
What are some of the things I need to "learn"? (as I said before, I am a .NET newbie, but a fast learner too) I need to use URLAuthorizationModule for validating a page request. How do I hide the username from the URL? I was thinking along the lines of using a session ID... but then how do I know who the user is? I am sure these is a way to encrypt the UserID, just can't find it.
My company uses Google Apps for our e-mail/business app provider. Every employee has an account here.I'm looking into creating an asp.net web app that would allow users to sign-in (using their Google Apps account) and then accomplish certain things (first goal: keep a current record of the employee's skillset).Before I get started, I wanted to find out if an OpenID login system using Google Apps is any more difficult than doing it the standard way, or if I need to be aware of any pitfalls.
View 2 Replieswe are migrating existing windows form application to asp.net(3.5) intranet portal, there is a requirement whereby database connection should be made by the logged in windows user. Is it possible to achieve this functionality?
View 1 RepliesI'm trying to connect to a site using digest authentication but it continuously gives "401 - Unauthorized" even the password is correct. Here's the sample code I'm using:
[Code]....
This is the server header I got:
Server: Apache/2.2.13 (FreeBSD) mod_ssl/2.2.14 OpenSSL/0.9.8e DAV/2 mod_wsgi/2.8 Python/2.5.4 PHP/5.2.12 with Suhosin-Patch
I am getting this error when trying to connect a database from another computer in my home network:
System.Data.SqlClient.SqlException : Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.
this database is using windows authentication. sqlserver 2008.
What is the connectionstring that I need to use in order to get the database?
Asp.net can be use window authentication. In my web site i want to control with window authentication and form. Is it possible to do?
If it possible to do how can be make it? Another one is, if i use window authentication, how can be identify group. For example. Sales group cannot be see purchase or etc. Window log in can be give group. So how can i define this part?