Windows Authentication without providing a password

Discussion in 'ASP .Net Security' started by Zhenzhong Xu, Feb 8, 2006.

  1. Zhenzhong Xu

    Zhenzhong Xu Guest

    Is it possible for a web application to authenticate user in Active Directory
    without having them to provide a password associated with the account name.

    What I meant is after user logged into windows from the domain, is it
    possible for a web application to authenticate the user just like SQL server
    windows authentication (it is not acceptable even if we only need the user to
    type in the password once)? Does it need to have a secure channel? Is NTLM
    capable for doing this job?

    Please let me know what technology I should be looking into, and if
    possible, some links and code samples are greatly appreciated.

    Zhenzhong
     
    Zhenzhong Xu, Feb 8, 2006
    #1
    1. Advertising

  2. Zhenzhong Xu

    Ken Schaefer Guest

    Yes.

    In IIS, just disable "allow anonymous authentication" and enable one of the
    other authentication mechanisms. In all cases, the user (or their browser)
    has to supply credentials. The browser can be configured to supply the
    credentials automatically without user intervention, e.g. for IE see:
    http://support.microsoft.com/?id=258063

    (Firefox also has a similar setting when NTLM is being used)

    Cheers
    Ken


    "Zhenzhong Xu" <> wrote in message
    news:...
    : Is it possible for a web application to authenticate user in Active
    Directory
    : without having them to provide a password associated with the account
    name.
    :
    : What I meant is after user logged into windows from the domain, is it
    : possible for a web application to authenticate the user just like SQL
    server
    : windows authentication (it is not acceptable even if we only need the user
    to
    : type in the password once)? Does it need to have a secure channel? Is NTLM
    : capable for doing this job?
    :
    : Please let me know what technology I should be looking into, and if
    : possible, some links and code samples are greatly appreciated.
    :
    : Zhenzhong
     
    Ken Schaefer, Feb 8, 2006
    #2
    1. Advertising

  3. Hi,

    this is all done by configuration -

    if the client is logged on to the domain, IE can do single-sign-on

    a) IIS has to be configured for integrated auth
    b) IE only sends the credentials to the Intranet zone by default - as soon
    as there is a "." in the server name - Internet zone is assumed
    if you browse to the web site where you want to do SSO - which zone does
    IE show? You can add sites to the intranet zone in the IE zone settings

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Is it possible for a web application to authenticate user in Active
    > Directory without having them to provide a password associated with
    > the account name.
    >
    > What I meant is after user logged into windows from the domain, is it
    > possible for a web application to authenticate the user just like SQL
    > server windows authentication (it is not acceptable even if we only
    > need the user to type in the password once)? Does it need to have a
    > secure channel? Is NTLM capable for doing this job?
    >
    > Please let me know what technology I should be looking into, and if
    > possible, some links and code samples are greatly appreciated.
    >
    > Zhenzhong
    >
     
    Dominick Baier [DevelopMentor], Feb 8, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. TJO
    Replies:
    4
    Views:
    302
    Alexey Smirnov
    May 5, 2007
  2. Luqman
    Replies:
    5
    Views:
    895
  3. AAaron123
    Replies:
    2
    Views:
    2,363
    AAaron123
    Jan 16, 2009
  4. AAaron123
    Replies:
    1
    Views:
    1,418
    Oriane
    Jan 16, 2009
  5. CsB
    Replies:
    0
    Views:
    172
Loading...

Share This Page