Last post Mar 27, 2014 07:46 AM by smirnov
Mar 16, 2014 02:31 AM|jaheshkhan|LINK
I have an web site that can retrieve some data from active directory.
I was able the user to enter their AD username and password to get the information.
my current problem is that if the user computer is part of domain or the computers in LAN should be able to login to the website without entering username and password.
ie. if the computer is not part of domain then they should enter username and password. if the computer is part of domain then it should get username and password from the current logged in windws user. How can i achieve this?
I prefer if the user checks a checkbox then they should logged in current windows user credentials.
My only aim is to get the current logged in username and password. or just username
Mar 16, 2014 04:18 AM|jaheshkhan|LINK
not a single answer for this??????
Im not a full time experienced programmer. These are the different code i tried. I didnt do any changes in web.config. Please dont bother about commented. it is to show that i tried different way to achieve it.
MembershipUser currentUser = Membership.GetUser();
////Get Username of Currently logged in user
//string username = currentUser.UserName;
//directoryEntry.Username = HttpContext.Current.User.Identity.Name;
//directoryEntry.Username = System.Web.HttpContext.Current.User.Identity;
//directoryEntry.Username = System.Web.HttpContext.Current.User.Identity.Name;
//directoryEntry.Username = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
//Get the complete name with your login name and domain name
//string splitName = System.Security.Principal.WindowsIdentity.GetCurrent().Name.Split('\\');
//if split contains more than 2 value then take the second section
//string name = (splitName.Length > 1) ? splitName : null;
//directoryEntry.Username = name;
//directoryEntry.Username = Page.User.Identity.Name;
//System.Security.Principal.WindowsIdentity UserSecurtityPrincipal = Request.LogonUserIdentity.Name;
//String CurrentUser = UserSecurtityPrincipal.Name;
//directoryEntry.Username = UserSecurtityPrincipal.Name;
directoryEntry.Username = Request.LogonUserIdentity.Name;
lblfname.Text = "username: " + directoryEntry.Username;
Mar 16, 2014 11:20 PM|Michelle Ge - MSFT|LINK
According to your description, you want to mixing forms authentication with windows authentication. So far as I know, if the computer domain in the same domain, we can stroe the user in a table, then we can get the user via HttpContext.Current.Request.ServerVariables["LOGON_USER"]
, then we can check if this user can pass the authentication.
There is a similar thread, please refer to the links:
Hope it's useful for you.
Mar 27, 2014 07:18 AM|jaheshkhan|LINK
thank you for your reply.
I tried it. but failed. i dont know what im doing mistake.
is there any thing i want to do in web.config file?
Mar 27, 2014 07:46 AM|smirnov|LINK
Try the following
1. Set Forms authentication in you web.config
2. Create an extra login page, Winlogin.aspx and let that be the forms login page. (in the web.config)
3. In IIS set security on Winlogin.aspx so, that it won't allow anonymous users.
4. In Winlogin.aspx determine if the user is authenticated based on his windows account. If you have the user you can also (if needed) check if he is in your own database, and if OK, redirect from this page:
5. If the user is not authenticated, the IIS 401 security error will be shown. You can hower redirect to your own HTML page in IIS, by setting the custom error redirect.
6. In your OwnRedirect401.html redirect to the your 'normal' Login.aspx with for example a META redirect, like this:
<meta http-equiv="refresh" content="0;URL=Login.aspx" />
Note that you must exclude login.aspx as a protected page in you web,config. I.o.w allow anonymous users, other wise you will end up again on your Winlog.aspx.