Clever Geek Handbook

Windows logon from user computer via intranet web application WITHOUT asking for user / password

I am creating an intranet web application in the IE store and I am looking to get the username logged into the system without asking for the username and password combination. This is easy until the application is pushed to the web server. It seems that every combination I try to navigate here results in either an empty line or a login prompt.

I have defined:

    <authentication mode="Windows"/>
    <identity impersonate="true"/>

And I am trying to use these parameters:

Response.Write("HttpContext: " & HttpContext.Current.User.Identity.Name & " \n")
Response.Write("Windows Identity: " & WindowsIdentity.GetCurrent.Name & " \n")
Response.Write("Thread: " & Thread.CurrentPrincipal.Identity.Name & " \n")
Response.Write(Request.ServerVariables("LOGON_USER"))
Response.Write(User.Identity.Name)

None of these with any combination of IIS settings seem to work for me. Am I taking the wrong approach? Is it possible? How can I solve this?

Whenever I switch my IIS to use Integrated Windows Authentication, it prompts me for a username / password. Why is this? How can I stop it?

An example of what I want (if it is not clear),

DOMAIN_NAME / USER_NAME or HOME / CHARLIE

+2


source to share


5 answers


Make sure the server (s) that host your application are on the intranet zone in IE security settings; By default, IE does not automatically pass Windows authentication credentials to sites in other zones. You may also need to add your site's hostname to the Trusted sites zone.



If your site is something like intranet.mydomain.com and your users are authenticated to the Active Directory server for mydomain.com, this will happen automatically; otherwise, you will need to change IE settings or host your application on a server that is a member of the Active Directory domain.

+3


source


I think you can configure the website to use Windows Integrated Authentication .



+2


source


Impersonation and delegation are a cunning beast. In your case, you need to use Integrated Authentication for your website.

See MSDN article on handing over and delegating for more information

+2


source


Also make sure Enable Integrated Windows Authentication is enabled in IE.

0


source


Basically make sure the IE browser of the users in your domain will authenticate the user without prompting them. This is a client browser configuration issue.

0


source






More articles:


All Articles