I set authentication mode to Windows in the web.config and I enable Windows Authentication and disable the Anonymous Authentication in IIS 7 on win 7, but HttpContext.Current.User is always null.It works fine when I host the web app in IIS 6.0.
Just going to start making a web application and was wondering which was better, or at least what are the main differences between them (as it probably matters what I am using them for)?
I have a web application and I want to provide anonymous access to a couple of the web services in it so that we can access the web services from computers without a windows login on our network.
I've tried the stuff here Disable authentication on subfolder(s) of an ASP.NET app using windows authentication. I've done this:
[Code]....
These both "work" in that they allow access to the web service for anonymous users. However, it seems that IIS still sends an authorization challange because when I access the service from a browser I get a box to enter my username and password. If I hit cancel I get access to the page anonymously. However, some of our clients don't handle this well and just fail because of the 401 return code.
Is there a way to completely disable the windows authentication on that single location such that IIS will not try and establish a windows authentication?
I have just installed SQL Server 2005. I selected windows mode authentication. I am not able to login in management studion. Now, I want to use mixed and server authentication option inplace of windows authentication. so, would that be possible after installation.
I have a web application (intranet based) which uses Windows Authentication. Unfortunately there are public computers that have public logins at some company locations. My web app doesn't support these public logins because I need to know the user workingSo, even though these public users are windows authentication users, my app will fail because I have no user account setup for that particular account. I want to then try Active Directory Authentication.In my Default.aspx.cs I'd have something like this
protected void Page_Load(object sender, EventArgs e) {try userContext = new UserContext(); // If the authenticated user isn't a user in my system then throw an exception } [code]...
I've been asked to convert an asp.net application from forms authentication with roles using the aspnetdb database to use windows authentication instead.
what is required to do this? can I still use the roles defined in the app and stored in aspnetdb?
I have an (ASP.NET 3.5) intranet application which has been designed to use forms authentication (along with the default aspnet membership system). I also store additional information about users in another table which shares its primary key with the aspnet_users table.
For users who are part of our domain I store their domain account name in the secondary users table, and I want to automatically log in users whose domain account name matches a name stored in the table.
I have read the guides which are available - they're all from two years ago or more and assume that you are able to activate Windows Authentication on a separate login page that allows you to extract the domain account name. From what I can tell, though, this is not possible in IIS7 (the overall authentication method is applied on all pages and cannot be selectively deactivated, and both authentication methods can't be applied on the same page).
Is there a way of getting IIS to pass through the windows domain account name of the requesting user? I don't need proper AD authentication, just the domain name.
I have been trying to avoid the windows login userid and password window when I use the Windows Authentication mode for a web site. I need to capture the the windows logon user name without prompting for the user id and password and display that on the web site. I had tried almost everything... changed authentication,security setups on IE and IIS etc... still not being able to avoid the window...
I'm trying to enable automatic Window authentication working on our ASP.NET Intranet. I've changed the Authentication on our IIS 7.5 server from Anonymous to Windows Authentication Enabled only, and changed the Web.config file for the website to:
The Windows login box appears when accessing the website via IE 8, I enter valid credentials, but the login window keeps reappearing as if it does not accept my credentials. By repeatedly cancelling the login box it disappears, and my login name can be viewed on the website. Is there any possible reason for the login box to keep popping up even though valid credentials are being entered? I've restarted the servers / cleared browser cache etc. Also, ideally I would like the user to enter the login details once in the login box and not be required to reenter login details whenever he reopens the browser.
We have a working version of application (Intranet) with uses Windows Authentication deployed in Windows 2003. The application uses HttpContext.Current.User.Identity.Name to get the logged-in user. Here impersonate is turned off.Right now, we are move to Windows 2008 RC2 where this Windows Authentication problem arised. I have Digest Authentication and Windows Authentication enabled. And also I have enabled Anonymous Authentication enabled to avoid the Login dialog of IIS in the end-user IE. Now I am getting HttpContext.Current.User.Identity.Name as Empty. When I impersonate using username and password, I am used to login using that user but all the users uses the same user to login.Does any has solution for this?Deployment Server - Windows 2008 RC2 (IIS 7.5)Development - Windows 7 (IIS 7.5)I am new to IIS 7.5. Please give me a solution
My overall goal is just to get the logged on users information for an Intranet site I'm developing without them providing their login (since they are already logged into their computer). So far I just get 401.1 errors and it keeps asking for my login/password. Even though I provide my login/password, it still won't let me in.
I've Enabled Windows Authentication from IIS > Sites > Default Web Site, added this to my web.config:
I have an ASP.NET MVC 2 (.NET 3.5) application. It is hosted on IIS 6.
For the sake of this question I have two urls.
http://example.com/
http://example.com/admin
I want admin to be available to any user on the domain, and the root to be available to all users. The server is on the domain but the domain is example1.com, so they are not the same.
Since this is ASP.NET MVC there is no Admin folder to set rights on. I have tried setting the whole site to block anonymous request and have had it allowing all request. Then in the web.config I set it up to deny unauthenticated users in the admin folder and/or allow anonymous access to the root.
What I end up getting is a login prompt that doesn't work. I've tried the user name and example1username but it always fails to login.
So, i have my virtual directory with Anonymous Access disabled. I allow users to login to my app through the windows server login.I wish to know how i can, through the code, capture the username that is logging in.
We have ASP.NET application which uses Windows integrated authentication. We would like to use the same windows authentication with our WCF service. Our ASP.NET is using the Windows Kerobros authentication. Is there any way we can leverage the same windows token for WCF service atuthitication.
Is it like configure the WCF with windows authenication and the same groups configure their. I would like to do something like Single Sign On type of implementation.i am assumeing it will be like impersionation the current user and call the WCF call.
In my development environment everything works as I expect. I can access all the pages and as soon as I get to a secured page I check the Request.IsAuthenticated and redirect to the login page if needed. The problems starts when I deploy the project under IIS7. When I access the site I'm being redirected to the login page (as defined in the web.config) although it suppose to be a public page... If I disable the Form Authentication in the admin console Request.IsAuthenticated always return true.So
How can I make IIS behaves like my ASP.NET development server?
I have setup a trivial preview website for a client that needs basic password protection. I'm using Forms Authentication with the credentials specified in web.config.
Everything works fine on my box (famous last words)
However, when I deploy to a production website running Win2008, the authentication code attempts to open a SQL Server database (I have no reference to anything SQL in web.config). How can I disable this behavior so that authentication is based on the credentials I have entered in web.config?
Exception in Event Log
Unable to connect to SQL Server database. at System.Web.Management.SqlServices.GetSqlConnection(String server, String user, String password, Boolean trusted, String connectionString) at System.Web.Management.SqlServices.SetupApplicationServices(String server, String user, String password, Boolean trusted, String connectionString, String database, String dbFileName, SqlFeatures features, Boolean install) at System.Web.DataAccess.SqlConnectionHelper.CreateMdfFile(String fullFileName, String dataDir, String connectionString) at System.Web.DataAccess.SqlConnectionHelper.EnsureSqlExpressDBFile(String connectionString) ... at System.Data.SqlClient.SqlConnection.Open() at System.Web.Management.SqlServices.GetSqlConnection(String server, String user, String password, Boolean trusted, String connectionString)(URL)
I been strugling with this for 2 days now without comming any closer to solution. I have read 20-30 threads alteast and stil can not resolve this.I have disable anonymous authentication, enable asp.net impersonation.I have added <identity impersonate = "true" />I have added the a user to the security logins that is connected to the database I try to connect tThis is the connectionstring I use:
Data Source=IPTOSERVER;Initial Catalog=Phaeton;User Id=User;Password=Password;errormessage
I'm developing an intranet site for a client on my development system. I'm using windows authentication and I understand I should not be challenged to logon when I open the Intranet Site. However I am. I was speaking to a tech from microsoft, and he said it was because the url I'm using goes out to the internet.
http://localhost/IntranetSiteName/Default.aspx
How should I change the URL so it opens the IntranetSite on my local pc?
I have a web application set up on our intranet that uses windows authentication (successfully) that I am trying to link to a database running on a separate server.
The problem that I am having however, is that when I try to use a trusted connection to log in to the sql server, instead of passing the domain/username of the person using the website the application is passing NT AUTHORITYANONYMOUS LOGON.
I checked that the authentication was working by having the website display a greeting that does identify my username correctly when I log on to the site, so it isn't an anonymous access issue. I think it is an impersonation issue somehow despite the fact that set in the web.config file for the application.
Curiously, the web application works fine when I run it on either my dev machine or even locally through remote desktop on the production server. I'm not sure what's going on here.
Finally, I'm running iis 7.5, windows server 2008 r2 and sql server 2008
I am trying to get the windows authentication for intranet design Codes return userid of my system but when I try the same fron other system, there too they return only my system's Id.