Last post Jan 18, 2017 05:07 AM by priyalwalpita
Jan 17, 2017 09:45 PMfirstname.lastname@example.org|LINK
I want to secure my public website with Windows Authentication. I mean if I browse website if should pop-up Windows Username/Password. I tried and hosted website at my local system( Windows 7 ). I disabled all other authentication mode except Windows but
didn't get how it validate. Can we handle authentication at IIS level.
How can I achieve this.
Jan 18, 2017 03:09 AM|priyalwalpita|LINK
I hope you are referring to a site which is hosted publicly : ie : user are in the internet ?
you can achieve your objective using Integrated Windows Authentication. The configuration is straight forward as follows. You need to disable the SimpleMembership and set the Authentication mode to Windows in the config file.
<compilation debug="true" targetFramework="4.0" />
<authentication mode="Windows" />
Next thing is ,you need to enable the windowsauthentication in applicationhost.config file
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="true" />
In IIS, you need to enable the windows Authentication (go and check from add/remove windows features -> IIS)
Go to the authentication section in IIS and enable the Windows Authentication and Disable all other Auth methods.
After this, you can use the WindowsPrinciple class to do rest of the operations.
<div>Is an Administrator</div>
var user = (WindowsPrincipal)User;
Using Active directory is the standard authentication practice which we need to use in this kind of senarios.
You can get more details in following
Jan 18, 2017 03:26 AM|Zhi Lv - MSFT|LINK
I want to secure my public website with Windows Authentication. I mean if I browse website if should pop-up Windows Username/Password. I tried and hosted website at my local system( Windows 7 ). I disabled all other authentication mode except Windows but didn't
get how it validate. Can we handle authentication at IIS level.
As for this issue, I suggest you could refer to the following articles:
Jan 18, 2017 04:34 AMemail@example.com|LINK
Basically website is already hosted which is available publicly over the internet. Anyone can browse that website so we got request to protect website from outer world. So we are planning to create a user account on that server and enable Windows Authentication.
If anyone try to browse the website they will get Windows pop-up for username/password.
We will share the user details whom we wanted to give access.
I don't want any coding level change in website but config changes I can do because that is required to enable Windows Authentication.
So how newly created user will grant access from Windows pop-up I'm not sure.
Jan 18, 2017 05:07 AM|priyalwalpita|LINK
Well.. I am not sure whether you can achieve this without a code change or not. Many things depends on how you have implemented the Authentication in the current application. Take a look at following link for the configuration level changes with AD