Can I detect authenticated domain users in IIS / ASP.NET without prompting everyone else for credentials?


The short answer is no. Unless you have Windows Authentication exclusively turned on (and all other authentication methods disabled) users won't be authenticated against the domain or the local machine... and you won't have access to this information programmatically.

The long answer is also no. Anonymous Authentication will override Windows Authentication if they are both enabled... IIS will skip other methods of authentication if Anonymous is enabled. If Windows authentication is enabled (and Anonymous is disabled) IIS will send the Kerberos / NTLM challenge and only then (after prompting) will the browser send credentials. Internet Explorer will send Kerberos info without prompting if within the intranet zone. -Chris

Author by

James

I currently work as a software developer mainly using ASP .NET, NHibernate and SQL Server

Updated on September 18, 2022

Comments

  • James
    James over 1 year

    I am updating an old ASP .NET 3.5 webforms application which uses forms authentication. The requirement is that it needs to automatically log in authenticated domain users whilst still allowing external users to log in manually as before.

    To be clear: I need to find out the name of the currently logged in user if they are on the same domain as the server and use this information to bypass the old login system. Not all users will be on the network.

    The problem I am having is that although I can get the logged in user from .NET's Request.LogonUserIdentity, I have to disable anonymous access on the relevant page(s) before it will work. What happens is that anyone who is not recognised will receive a login prompt to log in to the domain, but I don't want this as some users do not have user accounts within the domain.

    The only solution I can think of is to have a special logon page for domain users that automatically redirects. But it would be nicer if they could just visit any page directly.

    The site is running on Windows Server 2003 R2 with IIS 6.0.

    Thanks.

  • James
    James about 12 years
    When I first searched Google before posting I guess I wasn't using the right keywords because I later discovered a load of articles confirming what you said. The strange thing is that I thought I had it working at one point, but the browser must have been caching credentials.
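
The dedicated logon page James mentions in his question, as an added example (not code from the thread): only this one file requires Windows authentication, and it converts the Windows identity into the application's forms-authentication ticket. The page name `WinLogin.aspx`, the `TrustedDomain` appSettings key and the IIS/web.config setup described in the comments are assumptions.

```csharp
// WinLogin.aspx.cs -- code-behind for a hypothetical WinLogin.aspx.
// Assumed setup (not from the thread):
//   * IIS: for this one file only, anonymous access is disabled and
//     Integrated Windows authentication is enabled. Every other page
//     keeps anonymous access, so external users never see a prompt.
//   * web.config: <authentication mode="Forms">, and WinLogin.aspx is
//     exempted from forms-auth URL authorization (<allow users="*"/>).
//   * appSettings key "TrustedDomain" (constructed name) holds the
//     NetBIOS domain whose accounts may skip the manual login.
using System;
using System.Configuration;
using System.Security.Principal;
using System.Web.Security;

public partial class WinLogin : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        // Carries the caller's Windows account only because anonymous
        // access is off for this file.
        WindowsIdentity identity = Request.LogonUserIdentity;

        if (identity == null || identity.IsAnonymous || !identity.IsAuthenticated)
        {
            SendToManualLogin();
            return;
        }

        // identity.Name is "DOMAIN\user". Local machine accounts also pass
        // Windows authentication, so accept only the expected domain.
        string trustedDomain = ConfigurationManager.AppSettings["TrustedDomain"];
        string[] parts = identity.Name.Split('\\');
        if (string.IsNullOrEmpty(trustedDomain) || parts.Length != 2 ||
            !string.Equals(parts[0], trustedDomain, StringComparison.OrdinalIgnoreCase))
        {
            SendToManualLogin();
            return;
        }

        // Issue the same forms-auth cookie the manual login page would,
        // as a session cookie, then return to the requested page.
        FormsAuthentication.RedirectFromLoginPage(identity.Name, false);
    }

    private void SendToManualLogin()
    {
        Response.Redirect(FormsAuthentication.LoginUrl, false);
    }
}
```

A browser that does not send credentials silently will still show the prompt on this one page, so only intranet links should point at it; the rest of the site stays on the existing forms login.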