I'm making a simple website to learn about asp.net/AD authentication.
I used some of the code snippets from this tutorial: https://support.microsoft.com/en-us/kb/316748 to successfully use AD with Forms Authentication from a login page. I use these IIS Authentication settings for the website:
Anonymous Authentication -Enabled
ASP.NET Impersonation -Disabled
Basic Authentication -Disabled
Digest Authentication -Disabled
Forms Authentication -Enabled
Windows Authentication -Disabled
I want to use the credentials for the currently logged in windows user and either not prompt or only prompt if it fails. When I change the Web.config authentication mode to "Windows" and the the IIS settings as shown below it has a pop-up credentials prompt but just keeps prompting and never accepts the credentials.
Anonymous Authentication -Enabled
ASP.NET Impersonation -Disabled
Basic Authentication -Disabled
Digest Authentication -Disabled
Forms Authentication -Disabled
Windows Authentication -Enabled
I've tried several other combinations but they all failed.
All files in this website are:
LdapAuthentication.cs - is in App_Code and is a direct copy/paste from the tutorial
Logon.aspx - is copy/pasted from the tutorial with the companies LDAP path added
Default.aspx - is a direct copy/paste from the WebForm1.aspx in the tutorial
Web.config (shown below)
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.5">
<assemblies>
<add assembly="System.DirectoryServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
</assemblies>
</compilation>
<httpRuntime targetFramework="4.5" />
<authentication mode="Forms"> <!-- I also tried "Windows" -->
<forms loginUrl="logon.aspx" name="adAuthCookie" timeout="10" path="/" />
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
<identity impersonate="true" />
<anonymousIdentification enabled="false" />
</system.web>
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
</system.webServer>
</configuration>
Ensure that IIS is right configured to use ActiveDirectory Authentication with Forms, it works with local server from Visual studio but not in IIS. In IIS 7+ it's the application pool account. - Simply create a new application pool that runs under that account and assign that app pool to your application/site. - Right click to the new pool (example ASP.NET V4.0 Mypool) - > Advanced Settings - In Process model, choose LocalSystem as Identity. Web.config:
<system.web>
<compilation targetFramework="4.0" debug="true"/>
..........
<authentication mode="Forms">
<forms loginUrl="login.aspx" name="adAuthCookie" timeout="10" path="/"/>
</authentication>
<identity impersonate="false"/>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
</system.web>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.