I am trying to deploy an application in a client network, with AD/domain controller.
My application is a simple asp.net c# application, using windows authentication.
I am using win2003.
Basically, using VS2008, create a new website, hosted on IIS6.0.
Only 2 changes.
1. On IIS Directory security for the application, enabled "Integrated Security".
Note: anonymous is also enabled.
Only one change to the skeleton code generated.
Add below to the page_load method of default.aspx
using System.Security.Principal;
...
protected void Page_Load(object sender, EventArgs e)
{
WindowsIdentity id = WindowsIdentity.GetCurrent();
Response.Write("<B>Windows Identity Check</B><br>");
Response.Write("Name: " + id.Name + "<br>");
Response.Write("<BR>");
Response.Write("User.Identity: " + User.Identity.Name);
Response.Write("<BR>");
}
Output of browsing to the page:
Windows Identity Check- Name: NT AUTHORITY\NETWORK SERVICE
User.Identity:
The User.Identity.Name does not output the current username.
As discussed in this article http://weblogs.asp.net/scottgu/archive/2006/07/12/Recipe_3A00_-Enabling-Windows-Authentication-within-an-Intranet-ASP.NET-Web-application.aspx
I added:
<authorization>
<deny users="?"/>
</authorization>
From what i userstand is that, when this is added, I can get the current users, username from User.Identity.Name.
However, once I added the above, the browser now prompts me for a username and password. Once I enter it, I am able to use User.Identity.Name to get the username. However I do not want the username/password pop up to appear. I want the application to authenticate the user based on their network credentials.
Am I missing something?
Best Answer
Check that internet explorer knows the site is part of local intranet zone. Also, under the settings for intranet zone check that automatic logon is enabled.