views:

14943

answers:

4

This is for IIS 7 on a Windows Server 2008 that is not part of an AD domain. I would like to password protect a website, where people have to enter a username/password (a windows account for example) to view the website. The website would then use its own authentication method (forms) to handle user accounts and decide whether or not to show member specific pages, etc.

With IIS6, we just disabled anonymous access and enabled integrated windows authentication. IIS7 behaves differently and when I enter the windows username/password to view the site, the site comes up fine but redirects to the login page. Once I log in, the site behaves naturally. I need to be able to navigate the site without logging in with the website credentials.

I don't think enabling anonymous access would make sense here since I want access to the website to be password protected (popup username/password dialog when you first navigate to the url).

Any help is appreciated!

A: 

So do you want them to get the IE password-challenge box, or should they be directed to your login page and enter their information there? If it's the second option, then you should at least enable Anonymous access to your login page, since the site won't know who they are yet.

If you want the first option, then the login page they're getting forwarded to will need to read the currently logged-in user and act based on that, since they would have had to correctly authenticate to get this far.

rwmnau
I want them to get the popup dialog to be forced to access the site. But they will not be logged into the site at that point. They should then be able to navigate the pages on the site and optionally login using the webpage login.
Jim Geurts
+3  A: 

Two-stage authentication is not supported with IIS7 Integrated mode. Authentication is now modularized, so rather than IIS performing authentication followed by asp.net performing authentication, it all happens at the same time.

You can either:

  1. Change the app domain to be in IIS6 classic mode...
  2. Follow this example of how to fake two-stage authentication with IIS7 integrated mode.
Jim Geurts
btw, I couldn't get classic mode to operate as intended either...
Jim Geurts
+2  A: 

To enable the Windows Authentication on IIS7 on Windows 7 machine:

Go TO Control Panel.

Click Programs and Features, select Turn Windows Features on or off from left side.

Expand Internet Information Services >> World Wide Web Services >> Security

Select Windows Authentication and click OK.

Reset the IIS and Check in IIS now for windows authentication.

Enjoy

Prashant S
A: 

Configure IIS7 for windows authentication in Windows Server 2008

See this link:

http://www.iis.net/ConfigReference/system.webServer/security/authentication/windowsAuthentication

Enjoy this post :-)

Amir Abolfazli