Last post Sep 27, 2013 06:04 PM by Altaf_Ksa
Jul 12, 2013 10:57 AM|Mario Zagreb|LINK
I have created asp application by this tutorial:
And this works great.
Now, I need to set single sign on. i.e. if user is already logged-in in Windows, then he needs to be automatically logged-in in my asp application. I tried this:
but, it doesn't work. I don't have c:\inetpub\remote folder on my system (windows server 2008 r2).
This is web.config of my application:
<forms loginUrl="logon.aspx" name="adAuthCookie" timeout="10" protection="All" path="/" />
What do I need to do to automatically log user if he is already logged-in in windows?
Jul 12, 2013 11:21 AM|BrockAllen|LINK
Use windows authentication:
Jul 12, 2013 06:21 PM|Mario Zagreb|LINK
Is it possible to have both, windows and forms authentication? Let's say that user can access application only if he is a member of a specified group in Active Directory and I need to use windows authentication. How can I do that?
Jul 13, 2013 06:58 PM|BrockAllen|LINK
It's not offically supported. There are a few hacky workarounds but they all end up using two different apps in IIS -- use your fav search engine :)
Jul 14, 2013 06:19 AM|Altaf_Ksa|LINK
I had same situitation where window's user need to check against Active Directory prior login to system. so workaround which i did is check the LOGON_USER with server variable help which return domain\username of current window user ,based on that i check
on AD whether user exist in AD or not if yes then retrive his\her group and perform regular operation.
string strDomainuser = Request.ServerVariables["LOGON_USER"].ToString();
and make below given changes in web.config
<authentication mode="Windows" />
<deny users = "?" /> <!-- This denies access to the Anonymous user -->
config entries restrict the user otherthan assigned domain.
Hope it helps you.
Jul 14, 2013 10:09 AM|BrockAllen|LINK
The hard part is how to handle the challenge, not how to accept credentials. IOW, when the user is not allowed, if you're doing forms auth then you need to do a 302 to the login page. But if you want windows auth and you want the browser to do the challenge
then you need a 401. So from the server for an anonymous user, which one do you return? You don't know because you don't know who the user is.
Sep 26, 2013 12:57 AM|immad|LINK
i have a same problem.i want that user enter his windows login id and pasword in widows login box and all the asp.net project extract that username and password and run .
can u tell me where i write this line and what is the mean of "LOGON_USER"
please help me out .
Sep 26, 2013 04:58 AM|Altaf_Ksa|LINK
first as far as i know we can't retrive window login password..
above line will return Domain\Username of windows loggedin user. and you can write it on your default.aspx page to first test.
Sep 26, 2013 05:09 AM|immad|LINK
i mean to say that every user can see his only data so if his windows login id extract my asp.net application and in database i enter his user id so user can see his data only.window password is enter by user thats ok only i want window login id thats it
can it be possible thanks for the help
Sep 26, 2013 05:26 AM|Altaf_Ksa|LINK
If you design your application based on user level information then ofcourse its worth to use becoz it only provide you with loggedIn user name only by using which you can extract his/her related info from DB.
Sep 26, 2013 05:45 AM|immad|LINK
so i just write this line in page load event
this line in web.config and problem is solve
<authentication mode="Windows" /> <authorization> <deny users = "?" /> <!-- This denies access to the Anonymous user --> </authorization>
Sep 26, 2013 08:24 AM|immad|LINK
is that posible that user write windows username and password in windows login and asp.net project extract that username and password and automatcilay asp.net project show dash board page of that user
thanks for the help
Sep 27, 2013 06:04 PM|Altaf_Ksa|LINK
bro i already told you we cannot extract windows password but there is a work around for your requirement all you need to do is to check incomming user againt active directory(AD), if user with same name exist into AD then you can proceed and show that user