469,898 Members | 1,757 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,898 developers. It's quick & easy.

Windows Integrated Authentication

I need to develop an intranet app that uses Windows Authentication with IIS set up for Windows Integrated Authentication.

The problem is that I want to force a challenge (i.e., force the user to enter username and password) when they access the app.

I know that basic and digest authentication will do this, but I cannot use these, nor can I use forms authentication.

With windows integrated authentication there is no challenge.

I tried forcing one by storing a boolean flag in a session variable and returning a status code of 401 if it isn't set. This "forced" a challenge, but the problem was that the user could simply close the login dialog and the page would get served anyway!

This is because the user is already authenticated.

Any suggestions?
Jan 6 '08 #1
2 1642
Seems a bit obvious, but why don't you just put a login form on startup page? Successful login therein can set a session value or cookie, failure to login via the form denies access to any other pages as you just don't show navigation tree until successful\disable navigation links. If your particular concern is people using other's already logged in machines then you could compare form entered login details to the Windows NT detail you can pick up automatically\ via A.D.
Jan 8 '08 #2
Thanks, Camel.

I am currently looking into using Forms Authentication with an ActiveDirectoryMembershipProvider to accomplish something similar to what you've described.
Jan 8 '08 #3

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

8 posts views Thread by Bob Everland | last post: by
3 posts views Thread by Patrick.O.Ige | last post: by
10 posts views Thread by Will Gillen | last post: by
2 posts views Thread by Amedee Van Gasse | last post: by
3 posts views Thread by =?Utf-8?B?RGFuZGFuIFpoYW5n?= | last post: by
1 post views Thread by Waqarahmed | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.