Asp .NET applications + windows credentials

S

Stephen Noronha

Hi,

Questions
1. Has anyone encountered a situation to create an application using
"windows authentication" only and the first call to the web page caused the
Windows authentication dialog box to pop up, log in and then navigate
around.
2. Set a timeout value, so that the "Windows credentials" are cleared and
3. when the page is refreshed or anything, the window pops up again.

Any suggestions/links/code is really appreciated,
Thanks,
Stephen
 
K

Kevin Spencer

Hi Stephen,

This is a bit of a tricky requirement. The way you get the Windows
Autheitication dialog box to come up is by setting IIS authentication. IIS
has 3 types of authentication: Anonymous (most common), Basic (User Name and
Password), and Windows Integrated Authentications (Kerberos). You would need
to at least disallow anonymous access to the web site via IIS.

The second part of this scenario is the ASP.Net application's role in this.
When using a typical configuration, the user only has to log in once per
Session, and the credentials are cached on the browser, so the user doesn't
have to keep logging in with each Request. But you want to cause the
Authentication dialog box to come up even if they Refresh the page. I'm not
sure how that would be done, but I can point you to the .Net SDK articles
you would need to read in order to determine if and how that might be done:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/authaspdotnet.asp
http://msdn.microsoft.com/library/d...us/cpguide/html/cpconaspnetauthentication.asp
http://msdn.microsoft.com/library/d...-us/vsent7/html/vxconASPNETAuthentication.asp
http://msdn.microsoft.com/library/d...-us/vsent7/html/vxconASPNETAuthentication.asp

--
HTH,

Kevin Spencer
Microsoft MVP
..Net Developer
I'd rather be a hammer than a nail.
 
S

Stephen Noronha

Thanks Kevin,
will read the articles,
Stephen

Kevin Spencer said:
Hi Stephen,

This is a bit of a tricky requirement. The way you get the Windows
Autheitication dialog box to come up is by setting IIS authentication. IIS
has 3 types of authentication: Anonymous (most common), Basic (User Name and
Password), and Windows Integrated Authentications (Kerberos). You would need
to at least disallow anonymous access to the web site via IIS.

The second part of this scenario is the ASP.Net application's role in this.
When using a typical configuration, the user only has to log in once per
Session, and the credentials are cached on the browser, so the user doesn't
have to keep logging in with each Request. But you want to cause the
Authentication dialog box to come up even if they Refresh the page. I'm not
sure how that would be done, but I can point you to the .Net SDK articles
you would need to read in order to determine if and how that might be done:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/authaspdotnet.asp
http://msdn.microsoft.com/library/d...us/cpguide/html/cpconaspnetauthentication.asp
http://msdn.microsoft.com/library/d...-us/vsent7/html/vxconASPNETAuthentication.asp
http://msdn.microsoft.com/library/d...-us/vsent7/html/vxconASPNETAuthentication.asp

--
HTH,

Kevin Spencer
Microsoft MVP
.Net Developer
I'd rather be a hammer than a nail.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,733
Messages
2,569,440
Members
44,831
Latest member
HealthSmartketoReviews

Latest Threads

Top