Windows Authentication without providing a password

Z

Zhenzhong Xu

Is it possible for a web application to authenticate user in Active Directory
without having them to provide a password associated with the account name.

What I meant is after user logged into windows from the domain, is it
possible for a web application to authenticate the user just like SQL server
windows authentication (it is not acceptable even if we only need the user to
type in the password once)? Does it need to have a secure channel? Is NTLM
capable for doing this job?

Please let me know what technology I should be looking into, and if
possible, some links and code samples are greatly appreciated.

Zhenzhong
 
K

Ken Schaefer

Yes.

In IIS, just disable "allow anonymous authentication" and enable one of the
other authentication mechanisms. In all cases, the user (or their browser)
has to supply credentials. The browser can be configured to supply the
credentials automatically without user intervention, e.g. for IE see:
http://support.microsoft.com/?id=258063

(Firefox also has a similar setting when NTLM is being used)

Cheers
Ken


: Is it possible for a web application to authenticate user in Active
Directory
: without having them to provide a password associated with the account
name.
:
: What I meant is after user logged into windows from the domain, is it
: possible for a web application to authenticate the user just like SQL
server
: windows authentication (it is not acceptable even if we only need the user
to
: type in the password once)? Does it need to have a secure channel? Is NTLM
: capable for doing this job?
:
: Please let me know what technology I should be looking into, and if
: possible, some links and code samples are greatly appreciated.
:
: Zhenzhong
 
D

Dominick Baier [DevelopMentor]

Hi,

this is all done by configuration -

if the client is logged on to the domain, IE can do single-sign-on

a) IIS has to be configured for integrated auth
b) IE only sends the credentials to the Intranet zone by default - as soon
as there is a "." in the server name - Internet zone is assumed
if you browse to the web site where you want to do SSO - which zone does
IE show? You can add sites to the intranet zone in the IE zone settings
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Windows authentication - disabling password 5
Windows Domain authentication 0
Windows authentication times out (?) 0
Password changes: Forms Authentication & AD membership provider 0
Windows authentication. 2
Custom Membership provider without password management 0
Windows Authentication 1
Windows Authentication 1

Members online

No members online now.
Total: 28 (members: 2, guests: 26)
Robots: 246

Forum statistics

Threads
473,755
Messages
2,569,537
Members
45,022
Latest member
MaybelleMa

Latest Threads

Top