At work, I'm working with our server team on setting us up with several new IIS/ASP.NET web servers. We want them to support Windows based authentication so that we can verify identity without logging in. Our ASP.NET test script is all set up to use it, and
is working fine. We've also managed to get it enabled in IIS, so that when I hit the page, I get "Welcome, VIA\MYUSERNAME" - which is great. Unfortunately - to enable this, I had to disable anonymous access in IIS ( with anonymous access on, I am shown as
being not authenticated ) . This means that when people from certain other areas of our company visit the page, they get a login request, as they're not in the same local domain ( VIA, for me and the server, VIA2 for them I believe ) as the server. Changing
their domain isn't an option unfort. Ideally, what i'd like to do is have both windows authentication AND anonymous access on, so that in our ASP.NET scripts, we can authorise if possible or handle the anonymity on an app-by-app basis, with our own methods.
Does anyone have any idea as to how i'd go about this? As i'm clueless!
iis 60IIS Windows Securityiisauthenticationasp.netwindows
Create two virtual directories pointing to the same folder where you have hosted you application. One with anonymous access and the other windows authentication
Give one url to outsider and the other to insider.
Handle anonymous and authenticated request on the page Level.
If your outsider list is small you can give them windows logins and ask them to login to the same site you have created. They can still use domain authentication from outside the network by entering the domain\user. For this you have to change to Basic authentication
which might be a security risk as the password is sent as clear text. This problem can be solved if you use SSL along with Basic authentication.
DanCryer
0 Points
1 Post
Windows Authentication with IIS/ASP.NET
May 16, 2007 10:09 PM|LINK
iis 60 IIS Windows Security iis authentication asp.net windows
antonpious
Participant
996 Points
144 Posts
Re: Windows Authentication with IIS/ASP.NET
May 17, 2007 07:00 AM|LINK
Hi Dan,
Create two virtual directories pointing to the same folder where you have hosted you application. One with anonymous access and the other windows authentication
Give one url to outsider and the other to insider.
Handle anonymous and authenticated request on the page Level.
If your outsider list is small you can give them windows logins and ask them to login to the same site you have created. They can still use domain authentication from outside the network by entering the domain\user. For this you have to change to Basic authentication which might be a security risk as the password is sent as clear text. This problem can be solved if you use SSL along with Basic authentication.
Happy programming,
Anton