I am running an intranet site with ASP.net in IIS. I want the user to be prompted for a username/pwd, so I turned on Integrated Windows Authentication and turned off Anonymous access. I also checked the option in IE for the user to be Prompted for login under Internet Options->Security->Custom Level. Everything is fine, and the user is authenticated when the username/pwd entered matches an account in the Active Directory, except when the user enters nothing into the prompt. What I can see is IE is sending the logon credentials from the local machine for authentication, but I don't want that. I can see this from this line of code:
when it returns the username of the local, logon-ed user and I've tried it on several machinese and users. I've also tried playing with Web.config:
<identity impersonate="false" />
but that doesn't seem to be helping at all.
Could anyone please tell me how to set it to not send the credentials automatically?