Reputation: 537
Force windows authentication IID
I am having an authentication issue with an ASP.net application. This was working and now for some reason has stopped. I have a web form that connects to a SQL database for simple data entry. I am trying to capture the user name and time in the background to include with the entry. I have the following code in the web.config file:
<authentication mode="Windows"/>
This is within the system.web grouping.
I have following routine set in the .cs file for the web form:
protected void btnUpdate_Click(object sender, EventArgs e)
{
using (SqlConnection con = new SqlConnection("server=(local);database=InvoiceSHC;Trusted_Connection=Yes"))
{
// Get the UserId of the logged in user
string UserName = "";
if (HttpContext.Current.User.Identity.IsAuthenticated)
{
UserName = HttpContext.Current.User.Identity.Name.ToString();
}
else
{
UserName = "UnauthenticatedUser";
}
string Timestamp = DateTime.Now.ToString();
//Not sure why you need a SqlDataAdapter unused here.
//SqlDataAdapter DA = new SqlDataAdapter("UpdateSHCInvoice", con);
SqlCommand cmd = new SqlCommand("UpdateSHCInvoice", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@Ref", dlRef.SelectedItem.Value);
cmd.Parameters.AddWithValue("@PhaseName", dlPhase.SelectedItem.Value);
cmd.Parameters.AddWithValue("@PageType", dlPageType.SelectedItem.Value);
cmd.Parameters.AddWithValue("@Page", tbPage.Text);
cmd.Parameters.AddWithValue("@Percent", dlPercent.SelectedItem.Value);
cmd.Parameters.AddWithValue("@ChngType", dlChngType.SelectedItem.Value);
cmd.Parameters.AddWithValue("@UserName", UserName);
cmd.Parameters.AddWithValue("@Timestamp",Timestamp);
con.Open();
cmd.ExecuteNonQuery();
GridView1.DataBind();
Within IIS I have disabled anonymous authentication. I have enabled asp.net Impersonation and Windows Authentication.
When I first set this up, I was getting a domain and id for the user. Now I do not get prompted for the user name and password when I go to the site. This authentication stuff is a real pain.
I am using Firefox as the browser. I have also tried this on Safari with the same results.
Any assistance is greatly appreciated.
Upvotes: 1
Views: 1958
Answers (1)
Reputation: 6372
Have you added an authorization section to your web.config file?
<system.web>
<authorization>
<allow users="*" />
<deny users="?" />
</authorization>
</system.web>
What this does is tell the web server that you want to allow any authenticated users (users="*") and deny any anonymous users (users="?") at the root level and subsequently, across your entire site.
If you need different authorization settings for different pages or folders, you can use the location element:
<configuration>
<location path="members">
<system.web>
<authorization>
<allow users="*" />
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="AnonymousPage.aspx">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>
</configuration>
This can be added into your root web.config file, it can also be added in the same way as the first example in a web.config file inside the desired folder.
Upvotes: 1
Related Questions
- ASP.NET Windows Authentication
- IIS asking for windows authentication
- windows authentication in iis7
- ASP.NET / IIS Security (Windows Authentication)
- Bypass Windows Authentication
- ASP.NET application login using windows authentication
- IIS 7 and Windows Authentication
- Windows Authentication mode - how to make it not ask for credentials?
- IIS7: How to define that windows authentication is turned on?
- asp.net windows authentication