tags:

views:

429

answers:

6
+3  Q: 

Windows authentication. User gets prompted - ASP.NET

I have the following settings:

Web.config

Authentication Mode = "Windows"

Virtual Directory -> Enable anonymous access - UNCHECKED -> Integrated Windows authentication - CHECKED

When a user goes to the default page on the intranet, he gets prompted to enter the user name and password even though he has already been authenticated

**UPDATE: To clarify what I am doing - We have an application that is set to windows authentication = forms - There was a request that for certain servers in the intranet, we would want to bypass the login.aspx page - All that the login.aspx page does is, grabs the windows username, checks the database, gets the forms username and password and lets the user log in - I am using User.Identity.Name to get the windows user name to do a mapping

**

+1  A: 

Check the file system permissions. Even if they are authenticated they can be prompted if they don't have access to the files.

Jon Tackabury  2009-03-11 18:33:52
Each user must have NTFS permissions to the file. Create a new AD group and add everyone who must access the site, then apply Read to all files in the site to that group.
Dave Swersky  2009-03-11 18:35:51
Thanks Dave - that's a good way to ensure that the right people have access.
Jon Tackabury  2009-03-11 18:37:37
+3  A: 

Did you turn on impersonation?

<identity impersonate="true" />
Jon  2009-03-11 18:35:43
You still need thie right file permissions of course by the way. But if you do not turn on impoersonation the browser will use its default user instead of the logged in user for authentication.
Jon  2009-03-11 18:39:09
A: 

Another consideration is Kerberos authentication only survives 2 hops. In this case you can use Kerberos/NTLM authentication if your AD is setup to handle the authentication correctly you should be able to pass the token along farther.

Quintin Robinson  2009-03-11 18:37:49
+1  A: 

Also make sure that when you are viewing the site in Internet Explorer that the zone in the status bar says "Intranet Zone". Otherwise it won't log you in by default.

David  2009-03-11 19:00:46
A: 

Correct me if I'm wrong, but wouldn't the aspx page get the IIS user?

toast  2009-03-11 19:21:00
A: 

You must use Internet Explorer as the client if you want to avoid any login at all.
Also, as David mentioned, the site must be in the 'Intranet' Zone for IE to automatically send your windows credentials. A site will be in the 'Intranet' zone if it uses a one-word servername. Otherwise, you must add it to the list of sites. See Internet settings in windows.

Firefox will prompt you for credentials (But they can be autocompleted).

Matt Brunell  2009-03-11 21:36:19

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps