I'm trying to create a simple web form with windows authentication. I haven't done anything more than create the project. Like so -
When I hit f5 to view in browser, the pages load, though with no style like so..
As far as I'm concerned, it's meant to look like a nice bootstrap file.
Some things I've tried -
Update my web config
<location path="Content" allowOverride="true">
<system.web>
<authorization>
<allow users="*" />
</authorization>
<globalization culture="pt-BR" uiCulture="pt-BR" />
</system.web>
Made sure that the paths are correct (though I haven't touched anything since making the project).
Any help is greatly appreciated!
EDIT:
I've created another project - and the only difference between this one and the one above is that there is no authentication. When I load the about page, the style loads as seen below -
Should also mention that this is a Visual Studio 2015 project...
I had the same issue. CSS was not loading when I enable Windows authentication.
The error code in iis log was 500 0 1346.
This was resolved after adding the application pool identity to the administrators group. Basically, the application pool identity must have "impersonate a client after authentication" policy. So adding it to a group with this policy should fix.
Article - https://blogs.msdn.microsoft.com/asgoyal/2012/08/25/one-thing-you-must-do-when-getting-http-500-0-1346-error/
Related
I'm trying to create a simple action filter for my MVC site that checks the current Windows user against those allowed access to the site. For some reason, the filterContext.HttpContext.User.Identity object is always set to anonymous with no username. I've tried to grab it at different stages (OnAuthenticate and OnAuthorize), but it's always anonymous.
I currently have anonymous and Windows authentication enabled in IIS (actually followed this example to configure the Windows Auth feature), and I have the following block in the system.web node of my web.config:
<authentication mode="Windows" />
<authorization>
<allow users="*" />
<deny users="?" />
</authorization>
However for some reason, the Identity is always anonymous with no username. I have to be missing something here. With Windows Auth set in IIS, I'm always prompted for the username/password combo (which actually fails with HTTP401.1 error 0xc000006d, though I think this might be because I have a custom host header setup for development). I've also read a few articles that suggest this is because my site is determined to be in the internet zone and the answers always state to add the site to the intranet zone in Internet Explorer. This seems like a band-aid fix though, and not the actual solution.
Ideally, I would like to have the following:
User browses to my site
Behind the scenes, their Windows username is picked up, and authenticated against allowed users managed by the app
User authenticated successfully, page loads, user is none the wiser they were authenticated
What do I need to do to achieve this?
Thanks in advance for any help. Please let me know if I can provide more context.
Edit: Forgot to add I'm running this on Windows 7 SP1, IIS 7.5
Try
<system.web>
<identity impersonate="true" />
</system.web>
OR
Click On The Project Not the Solution => Open Properties Explorer not right click properties => you will find Anonymous Authentication set to disabled
In your solution explorer, press F4 over the project, and change Windows Authentication to Enable if you are running your project from Visual Studio;
In IIS select your WebSite -> Authentication and Disable Anonymous Authentication and make sure that "Windows Authentication" if Enable
These two rules are in wrong order in your code
<allow users="*" />
<deny users="?" />
Since you first allow everyone, the second rule is not even evaluated.
Try switching them
<deny users="?" />
<allow users="*" />
This way you first deny anonymous requests so that the authentication pipeline can even return 401 to the client. When the NTLM/Kerberos authentication picks the username, the second rule allows everyone (authenticated this time).
For this to work you also have to disable the anonymous authentication.
You need to disable the anonymous authentication from iis and enable windows auth only.
I have started looking into Forms Authentication with Windows Authentication (I believe its called Mixed Forms Authentication, but I could and probably am wrong)
So far I have discovered in my web.config file I need to add the following lines:
<authentication mode="Forms">
<forms loginUrl="~/Login"></forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
which I have done. But the next part confuses me. I have been reading about WinLog and WebLog pages and one has to be Windows Authentication and the other a forms Authentication.
I am under the impression this is how the flow should go
Add the lines above to your web.config
Brings user to login page
User gets redirected from another project that has Windows Authenication with the creds they filled and the other project sends a response saying yes or no.
The part after the web.config is super confusing, can someone tell me if I am on the right track or far from it?
What I am trying to do is not have an ugly dialog box, but instead have a custom login page.
If someone can point me in the right direction, that would be great.
ASP.NET has 3 different ways of authentication:
- Windows
- Forms
- Passport
Mixed mode authentication has been known as a somehow problematic way of authenticating users, in order to achieve it, you'll need one application to authenticate the users from a form, and another one to authenticate the users from IIS.
You will find some more info here:
ASP.NET MVC and mixed mode authentication
http://aspalliance.com/553_Mixed_Mode_Authentication.all
https://msdn.microsoft.com/en-us/library/aa291347(v=vs.71).aspx
trying to do something really basic!
I have an MVC5 Web app - and I want to make it work as an intranet app. I had a look at https://msdn.microsoft.com/en-us/library/gg703322(VS.98).aspx and it seems straightforward . I want to things a little different though .. I want to control access by roles in a global way .. I would have thought through web.config.
<system.web>
<authentication mode="Windows" />
<authorization>
<allow users="*" />
</authorization>
So - we have 2 servers , 1 Domain Controller SBS2008 and 1 web server Windows 2012 server which is connected to the SBS domain .
1) I can log on to app ok if I am a domain administrator
2) I can deny myself access using those settings in web.config.
The problem is whenever a standard user tries to go to the site they are asked for a user name and password. Help!
One other thing - I can't enable impersonation or I get Error 500 .
I have an ASP.NET MVC4 website deployed on IIS with Windows Authentication enabled. My config file has this setting:
<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>
My understanding is that this will allow me to authenticate without having to type in credentials; i.e. an intranet site.
This works as intended, except for the first page load. When I first access the website, I am directed to the following URL:
http://localhost/SandboxWebsite/login.aspx?ReturnUrl=%2fSandboxWebsite
This is obviously a page that asks for credentials. When I then navigate again to http://localhost/SandboxWebsite/, I am automatically authenticated without having to enter any credentials.
Why is this occurring and how can I prevent it?
The problem was that, whilst anonymous access was disabled as a setting, there was no authorisation rule to deny anonymous users. Why this redirected me to Login.aspx I do not know, but I fixed it by adding the following rules.
IIS > MyWebsite > .NET Authorization Rules
John,
this is a long shot but have you tried using an address other than LocalHost to access the site ? It may be that your ASP.NET MVC4 website is expecting a specific domain name/computer name or IP address because of the way it was setup.
You could alter your hosts file to test this out.
Hope this helps.
Dorje
I tried to create an authentication system in aspx using Windows Authentication. It seems to be the default mode for authenticating users in an intranet, for a company using Windows PCs. I enabled 'Windows Authentication' for my site in IIS, and disabled the other types of Authentications. This is my Web.config file:
<system.web>
<authentication mode="Windows" />
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
</system.web>
What I have is a feedback provided by this line in my code (always false)
Response.Write(User.Identity.IsAuthenticated.ToString());
I'm not sure I'm doing all in the right way, but I've read many tutorials and all seems so easy... so, what I miss to do? I'm doing something wrong?
I haven't found anything that helped me in the implementation, simply all what I wrote seems to do nothing. Uh, also I don't see the Windows Auth Dialog
I solved adding a row in 'Authorization Rules' in IIS. In my company we all are admin, so I added an allow rule for admin users and I denied the access for others. All works correctly now, I show the Windows Auth Dialog and with username and password I am able to authenticate.
Check these requirements:
Windows authentication is enabled in IIS (you did it already).
Anonymous access is disabled in IIS (http://technet.microsoft.com/en-us/library/cc731244(v=ws.10).aspx).
Windows authentication is enabled in client's Internet Explorers.
impersonation is switched on in web.config ( http://msdn.microsoft.com/en-us/library/134ec8tc(v=vs.140).aspx).
As far as I remember, that's all.