ASP.NET Authenication Question

Discussion in 'ASP .Net Security' started by Craig, Dec 17, 2003.

  1. Craig

    Craig Guest

    Hi

    I have an intranet app which resides on a web server that is not in a
    domain; but in a workgroup. The users of this web app all log into the
    domain.

    I want to be able to find out who the 'domain user' is when they browser to
    my web app on the server, how does one do this? what are the IIS settings?
    Currently I have IIS set to intergrate windows authenication -which pops up
    the message box for the user credentials. this obvously fails when the user
    is not a 'named' user on the web server.

    Craig
     
    Craig, Dec 17, 2003
    #1
    1. Advertisements

  2. I think that the only way to do this is to replicate the domain users as
    local users for the web server.
    This because:
    - If you set the anonymous authentication in you loose the users identity
    - If you use "windows integrated" or basic the web server can't contact the
    DC for the authentication, then IIS throw a 404 error
    - If you use a custom login form you can impersonate in code the credential
    provided by the user (LogonAsUser api), but the web server can't contact the
    DC, then authentication failed

    The last two ways functions properly only if web server has the domain users
    as local users, but this is a very expensive solution (ie. password
    syncronization problem...). The best (fast, simple, ..) way to do this is to
    have the web server in the domain.

    HtH,
    Andrea
     
    Andrea D'Onofrio [MSFT], Dec 18, 2003
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.