Muflix

Reputation: 6798

MVC 4 Windows Authentication does not work, why?

I have an INTERNET Web MVC 4 project in C#, which works fine locally. Now I need to move the project to production with Windows Authentication as an INTRANET project.

I read some articles but it does not work for me. It is my first .NET Web application.

Steps I made

=== Step 1 - In Web.Config in tag ===

I deleted authentication tag

<authentication mode="Forms">
</authentication>

and added

<authentication mode="Windows" />
<authorization>
  <allow roles="DOMAIN\ROLE_Name" />
  <deny users="*" />
</authorization>

The role exists in Active Directory and contains user accounts, including my account.

=== Step 2 - In Global.asax ===

I added the whole procedure. I'm not sure if it is right, but I read that I should have that procedure in my code.

public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
    filters.Add(new HandleErrorAttribute());
    filters.Add(new System.Web.Mvc.AuthorizeAttribute());
}

=== Step 3 - I added Authorization to Controller ===

public class HomeController : Controller
{
    [Authorize(Roles = "DOMAIN\\ROLE_Name")]
    public ActionResult Index()
    {
        // ...
    }
}

=== Step 4 - I deployed the web to IIS ===

(which I do not have under my control, but the administrator assured me that it is configured properly)

When I hit the URL, I'm asked for login credentials, and after logging in I get the error

You are not authorized to view this page

Some articles say that I have to change the authentication mode in the project properties, but the only properties I have on the project are these

[image]

I have a feeling that I'm mixing two different approaches, but I just don't know.

Upvotes: 0

Views: 1270

Answers (1)

Justin

Reputation: 3397

To ensure that the web server's authentication settings are being set, you can add the following XML to your web.config file (requires at least IIS7, I believe).

<system.webServer>
    <security>
        <authentication>
            <anonymousAuthentication enabled="false" />
            <windowsAuthentication enabled="true" />
        </authentication>
    </security>
</system.webServer>

This will instruct the web settings for the application to disable anonymous and use Windows authentication instead.

Windows authentication and MVC don't work the best together. The best way to use them together is to define in your web.config

<authorization>
    <allow users="*" /> <!-- Or "?" if you only want authenticated users-->
</authorization>

Then fine tune the access with the AllowAnonymousAttribute and AuthorizeAttribute. For example, you can have the global filter set with allowed default roles:

public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
    filters.Add(new AuthorizeAttribute { Roles = "domain\\rolename" });
}

With this, all controllers will try to authenticate the user and verify they are in the given role. If you want everyone, authenticated and unauthenticated users, you can use the AllowAnonymousAttribute. If you decide an action needs different roles or users you can decorate it with the AuthorizeAttribute. Do keep in mind, when you do this, it will override the global one. So if you defined allowed roles the new attribute won't carry them over.

Upvotes: 1
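
A diagnostic action for the symptom in the question, added here as an example and not code from the question or the answer: it prints the identity, authentication type, role check and group list that the application actually sees for the caller. `AuthDiagController`, `WhoAmI` and `ExpectedRole` are hypothetical names; it assumes the `<authorization>` rules let an authenticated user reach MVC and that the global filter carries no role restriction.

```csharp
using System.Security.Principal;
using System.Text;
using System.Web.Mvc;

// Hypothetical diagnostic controller (added example, not part of the original project).
// Remove it once the "not authorized" response has been explained.
public class AuthDiagController : Controller
{
    // Assumption: the role string used in the question's [Authorize] attribute.
    private const string ExpectedRole = @"DOMAIN\ROLE_Name";

    [Authorize] // any authenticated user; each caller only sees their own identity
    public ActionResult WhoAmI()
    {
        var sb = new StringBuilder();
        sb.AppendLine("IsAuthenticated:    " + User.Identity.IsAuthenticated);
        // Values such as "Negotiate" or "NTLM" show that IIS performed Windows authentication.
        sb.AppendLine("AuthenticationType: " + User.Identity.AuthenticationType);
        sb.AppendLine("Name:               " + User.Identity.Name);
        sb.AppendLine("IsInRole(" + ExpectedRole + "): " + User.IsInRole(ExpectedRole));

        var windowsIdentity = User.Identity as WindowsIdentity;
        if (windowsIdentity == null)
        {
            sb.AppendLine("Identity is not a WindowsIdentity; Windows authentication is not in effect.");
        }
        else if (windowsIdentity.Groups != null)
        {
            // Compare these names with ExpectedRole to spot a domain or spelling mismatch.
            sb.AppendLine("Groups in the caller's token:");
            foreach (IdentityReference sid in windowsIdentity.Groups)
            {
                sb.AppendLine("  " + TranslateSid(sid));
            }
        }
        // Plain text, so nothing from the directory is interpreted as HTML.
        return Content(sb.ToString(), "text/plain");
    }

    // Resolves a group SID to DOMAIN\name; falls back to the raw SID if it cannot be mapped.
    private static string TranslateSid(IdentityReference sid)
    {
        try { return sid.Translate(typeof(NTAccount)).Value; }
        catch (IdentityNotMappedException) { return sid.Value + " (unresolved SID)"; }
    }
}
```

If `IsInRole` is false while the expected group appears in the list under a slightly different name, the role string in `web.config` and in `[Authorize]` is the thing to correct.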
