I would like to make an mvc4 application in asp.net that uses single sign on with ldap.
So a user logs in to AD and then goes to the webapplication. This application should be able to know which user is visitting without asking for any authentication anymore. The application should be able to know the username from the AD.
Anyone who can land me a hand with this or can give me a good explanation? I don't really understand how to fix this.
thanks in advance!
You could use Windows Authentication. Steps:
Create a new ASP.NET MVC application using the Intranet Application template
Read the text file that is opened for you which explains in details the things you need to do in order to configure your web server to enable windows authentication
Deploy your application and enjoy
For completeness sake here's the text file that is generated for you:
To use this template with Windows Azure authentication, refer to
http://go.microsoft.com/fwlink/?LinkID=267940.
Otherwise, to use this template with Windows authentication, refer to
the instructions below:
Hosting on IIS Express:
Click on your project in the Solution Explorer to select the project.
If the Properties pane is not open, open it (F4).
In the Properties pane for your project:
a) Set "Anonymous Authentication" to "Disabled".
b) Set "Windows Authentication" to "Enabled".
Hosting on IIS 7 or later:
Open IIS Manager and navigate to your website.
In Features View, double-click Authentication.
On the Authentication page, select Windows authentication. If Windows authentication is not an option, you'll need to make sure Windows authentication is installed on the server.
To enable Windows authentication on Windows:
a) In Control Panel open "Programs and Features".
b) Select "Turn Windows features on or off".
c) Navigate to Internet Information Services > World Wide Web Services > Security
and make sure the Windows authentication node is checked.
To enable Windows authentication on Windows Server:
a) In Server Manager, select Web Server (IIS) and click Add Role Services.
b) Navigate to Web Server > Security
and make sure the Windows authentication node is checked.
In the Actions pane, click Enable to use Windows authentication.
On the Authentication page, select Anonymous authentication.
In the Actions pane, click Disable to disable anonymous authentication.
Related
I've inherited an old asp.net application which runs on IIS v10, but I've run into a problem trying to remove the authentication. The application runs under the Default Web Site. It was originally set to Windows Authentication and worked, but now I need to remove the login that occurs on load of the website.
The Default Web Site (app parent) authentication is set to Anonymous. When I disable all authentication at the application level, I get a 401 - Unauthorized User error in the browser. When I enable Anonymous authentication, the site loads very slow, but only the HTML with none of the CSS styling. I'm not sure why this is.
How should the authentication be configured to remove a login?
You need to choose the application which under the Default Web Site and click the Authentication module.
In addition to disabling windows authentication, also enable anonymous authentication.
If you want to disable windows authentication for a file in the application, first select the content view to view the files inside the application, then select the file and right-click the switch to features view.
I just installed the latest version of SyncFusion Report Server and am running it in Microsoft IIS / Server 2016.
I created a subdomain (reports.mydomain.com) and created a binding in iis. I can hit that website and it opens the login page for the syncFusion report server.
When I go to my website (reports.myWebsite.com) I get the standard login for syncFusion. I then login with my SyncFusion credentials and it then prompts me with a server login. I can't figure out how to get around this server login prompt. If I use my server credentials and login then it works but I don't want to have to do that. The report server is running under port 57240.
Just for testing purposes, my firewall is completely disabled and I gave full access to the report server's application pool to the SyncFusion directory.
I created an iis binding for port 57240 and a binding for reports.mydomain.com on port 80.
SyncFusion does offer the ability to use windows authentication to login. I am curious if it is trying to windows authenticate first before basic authenticate. Thoughts?
I just got off the phone with Syncfusion and it turns out that SQL Server Reporting Services automatically registers the URL /reports. I switched my ssrs url to /ssrsreports and everything is now working.
A big thanks to Syncfusion for setting up a GoToMeeting and figuring this out for me!
Check whether the Authentication of your application is set by this way ?
(Open IIS -> Select your Web Application -> Double click on the “Authentication” listed in the main panel)
i. Windows Authentication and ASP.NET Impersonation should be Disabled
ii. Forms Authentication and Anonymous Authentication should be Enabled
I have already a Windows Mobile application developed in .Net Compact Framework 3.5 (C#), my application runs in Enterprise Mode and I want actually to add a remote authentication to my application, I'm thinking about single sign on. Following are my questions:
1- Do you have any suggestion for a single sign on implementation that can be added to my Windows Mobile Application? So, which Authentication Server to be used and what are the modifications to be done into my application?
2- If 1- is not technically feasible in Windows Mobile, do you have any suggestion for a remote authentication solution to be implemented?
3- I'm thinking to use either Active Directory or LDAP to store user credentials. Can I add SSO to AD or LDAP? what is to be done in my application to add the authentication in this case?
Thanks for your support.
I have not been able to personally get Active Directory to work on Windows Mobile.
Instead, I created a service running on our network that authenticates using Active Directory.
I can call a web service! (Learned about that not too many months back)
The username and password, I believe, would be sent as open text (not encrypted), but that is OK for our use.
I am getting window authentication window popup on some of my views in mvc4. It works fine when I host it on local server. But when I upload my code to my hosting server, all the views works fine except some views.
I am using form authentication in my application. And the views which given me such popups their controller class define with [Authorize] attribute. Is it an issue with IIS on hosted server or something else?
This is the popup message:
I suspect that you have Integrated Windows Authentication or Basic Authentication configured in IIS for your website or application (depending on how you are hosting it). Make sure you disable it and enable anonymous access to the website if you want to use Forms Authentication.
Open IIS Manager and navigate to your website or application.
In Features View, double-click Authentication.
On the Authentication page, disable Windows authentication and enable Anonymous authentication.
I have an WinJS metro application that I'm using to connect to a remote webservice that same domain. I read up on the app manifest capability (well the little that is present online) and was hoping that I would be able to use the logged in users credentials to access this webservice without requiring them to login.
I'm trying to authenticate to the webservice via a post using a contentType: "application/x-www-form-urlencoded;charset='utf-8'". This application was previously a website that would prompt the user for login credentials in the authentication step using the aforementioned post. In the WinJS metro application I'm effectively using the same code (minor tweaks) to achieve the same result.
Has anyone had experience with Enterprise Authentication in a WinJS metro application and could better explain what types of resources I would/wouldn't have access to. I'm hoping this isn't specific to accessing things like file shares and intranet sites.
I had this exact issue as well. After ensuring the following Capabilities were enabled in the package.appxmanifest:
Enterprise Authentication
Internet (Client)
Private Networks (Client & Server)
I had to still add the URL of our web service to Internet Explorer's list of Intranet Sites. Only then did the prompt go away.