Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Window authentication not working in MVC4

Tags:

authentication

asp.net-mvc

asp.net-mvc-4

iis-7.5

Scenario

User A can access all pages in MVC4 website except one. But user B can access all pages (no restriction).

What I had done so far?

  1. Deployed website on IIS 7.5.
  2. Enabled window authentication and disabled Anonymous authentication for hosted website on IIS.
  3. Testing website.

Testing Results -

(1) When User B is logged on same system (development system) where the website is deployed, he can access the website without prompt dialog.

(2) But when same website is published on server (production system) with same settings, website still asks for credentials with pop up.

** Both of the development system and production system are in same domain (let's name it domain.com).

Question

Why is the same user in same domain is been asked for credentials by website?

like image 921
Vikram Singh Saini Avatar asked Feb 25 '14 20:02

Vikram Singh Saini

1 Answers

As per my research for Window Authentication, I want to conclude following lines (also as reference for me) -

(1) Window Authentication (abbrev. WA) will always show prompt for verifying users if you had configured WA properly.

See anonymous authentication disabled and windows authentication enabled in below snapshot.

(2) Even if one set NTLM as top provider than Kerberos (in IIS), the IIS will still ask for Window credentials. Snapshot show how to do that.

How to set IIS Provider for Window Authentication

(3) If you want to avoid showing prompt on browser for WA, follow steps-

(a) Open IE browser --> Internet Options --> Security tab.

(b) Add site to Local Intranet zone so that browser will send logged-in username and password to IIS.

Add website to Intranet zone

Note - The above points universally apply to MVC and ASP.NET.

Answer to my question Why is the same user in same domain is been asked for credentials by website?

Because I had set anonymous authentication enabled along with Window authentication on development system. (Silly mistake).

like image 166
Vikram Singh Saini Avatar answered Oct 02 '22 16:10

Vikram Singh Saini
Sign in to Comment

Related questions

Is it bad practice to use a lot of viewmodels in asp.net mvc
Which tier of my ASP.NET MVC application should I be checking Membership information?
Response.Flush with MVC Result is not working
.NET 4.5 Universal Membership Provider table names
How to get ActionDescriptor using action and controller names
How to get a list of connected clients on SignalR
ASP.net MVC Controller will not return view
MVC C# Automatic Model Binding in Nested Lists
Trying to return json and populate selectlist
Pattern for doing authorization in repository layer of MVC application
Wrong connection string NHibernate 3.3
C# MemoryCache for 2 different types of keys?
Using in Razor VB.net MVC not work as expected
Controller can return either JSON or HTML depending on the result
Include script once and only once in a custom Editor
Can I use MiniProfiler to instrument an ASP.NET MVC WebApi website?
Setting up Web API within WCF Project
|DataDirectory| returns wrong path to AppData folder
How to set ASP MVC form dropdown to blank but only if the underlying value is uninitialised?
No Add Controller on menu and can't add a View either in MVC 4.5

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!