Get UserName even if windows authentication fails

Question

Hi,

Below is the scenario for a virtual directory following are the setting in IIS

1. Enable Anonymous Access is DISABLED (check box is unchecked).

2. Integrated Windows Authentication is DISABLED (check box is unchecked)

3. Basic authentication is ENABLED (checkbox is selected)

In the web.config of the webapplication (for the same virtual directory above) the setting is as follows:

When I browse an aspx page of the above web application it asks for username and password.

User enters username and password (in the dialog which appears as a part of windows authentication).

I can get the username that user has entered if the login is successful.

Is there any way I can get the username(that user has entered) even if the login fails.

Regards, test_win

Answer 1

I don't believe that failed authentication information is stored in IIS in a way that's exposed to ASP.NET. If you were doing forms based authentication you would be able to track the invalid username/password, but since IIS is handling the authentication, I don't think you can get that information from code.

The logon attempt would be stored in the IIS log files, which you could process later from a separate process. You would want to look for 401/403 errors where a username is supplied.