Below is the scenario for a virtual directory following are the setting in IIS
-
Enable Anonymous Access is DISABLED (check box is unchecked).
-
Integrated Windows Authentication is DISABLED (check box is unchecked)
-
Basic authentication is ENABLED (checkbox is selected)
In the web.config of the webapplication (for the same virtual directory above) the setting is as follows:
When I browse an aspx page of the above web application it asks for username and password.
User enters username and password (in the dialog which appears as a part of windows authentication).
I can get the username that user has entered if the login is successful.
Is there any way I can get the username(that user has entered) even if the login fails.
Regards,
test_win
Best Answer
I don't believe that failed authentication information is stored in IIS in a way that's exposed to ASP.NET. If you were doing forms based authentication you would be able to track the invalid username/password, but since IIS is handling the authentication, I don't think you can get that information from code.
The logon attempt would be stored in the IIS log files, which you could process later from a separate process. You would want to look for 401/403 errors where a username is supplied.