Menu
I have an ASP.NET MVC 5 app and am trying to enable Windows Authentication. The development machine is Windows Server 2008 R2, IIS Express 8.0, Visual Studio 2013 & .NET Framework 4.5.
I get a 404 Not Found error when ever I browse the app. The app enters a redirect loop with http://localhost:63455/Account/Login?ReturnUrl=%2F. Eventually the ReturnUrl ends up being very large as it gets appended to with each redirect.
My web.config looks like this:
<system.web>
<authentication mode="Windows"/>
</system.web>
I've tried setting the Anonymous Authentication and Windows Authentication settings on the Development Server properties.
I've also tried adding the following appSettings:
<add key="autoFormsAuthentication" value="false"/>
<add key="enableSimpleMembership" value="false"/>
How can I get Windows Authentication working properly?
428
By default MVC apps use Form Authentication and Simple Membership, so you need to make it "false" to run Windows Authentication. Select the project name in Solution Explorer and then in the Property Explorer, click to enable Windows Authentication.
When you enable Windows authentication, your web server becomes responsible for authenticating users. Typically, there are two different types of web servers that you use when creating and deploying an ASP.NET MVC application.
Right-click the project in Solution Explorer and select Properties. Select the Debug tab. Clear the checkbox for Enable Anonymous Authentication. Select the checkbox for Enable Windows Authentication.
On the taskbar, click Start, and then click Control Panel. In Control Panel, click Programs and Features, and then click Turn Windows Features on or off. Expand Internet Information Services, then World Wide Web Services, then Security. Select Windows Authentication, and then click OK.
The ConfigureAuth method in Startup.Auth.cs contained the following code which needed to be removed for Windows Authentication.
The code is used for Forms Authentication with OWIN.
// Enable the application to use a cookie to store information for the signed in user
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login")
});
// Use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
Just a heads up. You don't HAVE to remove cookie authentication entirely, although i did remove the externalsignincookie. Take a look at my project at https://github.com/vishnu4/AspNetMVC5WinAuth where I'm using OWIN and MVC5 to use windows authentication. Hopefully this helps anyone else trying to get it to work.
40
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
