Bypass  Integrated Windows Authentification and using  IP Address Access

Posted on 2009-02-20
Last Modified: 2012-05-06
We have an application installed in a company that uses Intgrated Windows Authentification and this works great for users.

The company wants to deploy kiosk touch-screens with Vista Home on them and load certain pages on them so that these kiosks automatically boot up into these pages.

On the kiosks our application pops-up a windows authentification login box since it is not recognizing any windows authentificated login.

Is there a way to bypass this say by looking at the IP address (which we can get as a fixed address) or some other method?

I want to avoid installing a second copy of the application just to accommodate these kiosks.

Application is, and using IIS6 on Windows 2003 server
Question by:resourcesys
    LVL 25

    Expert Comment

    We can allow certain IP addresses to access the site with out authentication. Site Properties you set those IP address.

    Author Comment

    Hi Apeter,

    Can you give me instructions on how to do this. Where in the Site Properties do you set those IP Address?

    I assume you're not referring to the section IP Address and domain name restrictions?
    All PCs' except the Kiosks need to have Integrated Windows Authentification working.

    LVL 25

    Expert Comment

    I guess a site can have only one Authentication Mode. Looks like you have to write Custom ISAPI filter and u can authenticate based on the requests(PC's or Kisoks) coming in.

    Accepted Solution

    Solution found,

    We created a new Virtual Directory in IIS pointing to the existing application and then allowed anonymous on this Virtual Directory. We then control access to this within our application by IP Address.

    This means we have only one install of the application supporting both/mixed mode authentication


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Suggested Solutions

    This document covers how to connect to SQL Server and browse its contents.  It is meant for those new to Visual Studio and/or working with Microsoft SQL Server.  It is not a guide to building SQL Server database connections in your code.  This is mo…
    Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now