Force widows authentication in .NET 3.1 to always prompt for username and password to login

Question

I'm trying to run windows authentication using MVC core architecture in .NET 3.1. I have setup a project that runs windows authentication but every time I launch the application it directly logs me in as the with the username I used to login in on my local computer. I need it to always prompt me because the application is going to be used company wide and I don't want to allow any user to login to it, additionally I want it to be such that an admin could login from my machine, so that it is not always me that is logging in.

Let me know how I can manually force a login prompt every time the application is launched. Even better would be if the login prompt is opened only if a button is clicked.

index.cshtml

@{
    ViewData["Title"] = "Home Page";
}

    <div class="text-center">
        <h1 class="display-4">You have loggin in as @User.Identity.Name</h1>
        <h1>@User.Identity.AuthenticationType</h1>
        <h1></h1>
        <h1>@User.Identity.Name</h1>
        <h1>@User.Identity.IsAuthenticated</h1>
    </div>

launchsettings.json

  "iisSettings": {
    "windowsAuthentication": true,
    "anonymousAuthentication": false,
    "iisExpress": {
      "applicationUrl": "http://localhost:65086",
      "sslPort": 44374
    }
  },
  "profiles": {
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "WindowsAuth": {
      "commandName": "Project",
      "launchBrowser": true,
      "applicationUrl": "https://localhost:5001;http://localhost:5000",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    }
  }
}

HomeController.cs

using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
using WindowsAuth.Models;

namespace WindowsAuth.Controllers
{
    
    public class HomeController : Controller
    {
        private readonly ILogger<HomeController> _logger;

        public HomeController(ILogger<HomeController> logger)
        {
            _logger = logger;
        }

        [Authorize]
        public IActionResult Index()
        {
            return View();
        }

        public IActionResult Privacy()
        {
            return View();
        }

        [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
        public IActionResult Error()
        {
            return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
        }
    }
}

Comment if you think I need to add some more relevant information.

Answer 1

You can't do this with windows authentication. If you need login promp you shoud use forms authentication. If you don't want to allow all users to use application you can use roles: User.IsInRole("Domain Name\Group Name");

Windows authentication prompt for user and password only if workstation from you send request is not a part of domain with windows authentication is using.