MVC4 Window authentication without prompt

Posted on 2014-02-25
Last Modified: 2014-03-17
Hello Experts,

I am working on porting of Asp.Net WebForm to MVC4 application.

** The website and users who will access websites are in same domain.

In old website users were restricted by creating a separate folder with web.config allowing only users with Admin role as -

      <allow users="?" />
      <allow roles="Administrators" />      

Open in new window

So to implement same in MVC on Admin controller, I marked controller as -

[Authorize(Roles = @"Administrators")]
public class AdminController : Controller

Open in new window

Questions :

Q.1. After publishing on server, when I try to access respective controller, the browser show prompt asking for username and password.

* I know of that it is browser normal behaviour to show that. But if it is true, then why it is not showing same prompt for earlier website?

Q.2. I am looking for some sort of solution that allow me to following -

(i) Get window's logged-in username that is making request.
(ii) Check role of that user matching with roles defined by me (for e.g. in web.config).
(iii) Authorize or allow user to access controller basis on result of step 2.

* I'm aware that I can get logged username by HttpContext.Current.User.Identity.Name. But it is returning me null if I am not using Window Authentication. And if I am using WA, then it will work. But again a prompt window comes.

I belive that I'm not only the one who is facing this problem or had faced same for MVC. There might be other experts who fixed this for their websites. So looking for practical solution or hints.

I want to allow access to specific controller for specific users with Admin role using their logged in credentials (without asking them for their credentials with prompt again).
Question by:Vikram Singh Saini
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 96

Expert Comment

by:Bob Learned
ID: 39887817
There are some ideas here to investigate:

Authenticating Users with Windows Authentication (C#)

If, on the other hand, you are using IIS with Anonymous authentication disabled and Basic authentication enabled, then you keep getting a login dialog prompt each time you request the protected page (see Figure 4).
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 39887883
in the website are you set for windows authentication or forms authentication? you also have to setup asp website authentication
LVL 16

Author Comment

by:Vikram Singh Saini
ID: 39888542
First of all thanks to both of experts for answering to neglected question.


Yes! You are right and the excerpt from link speaks truth.

@David Johnson

Yes! I had set for Windows authentication both by IIS and in web.config too.

To both experts

Is there any way that I can get logged in user name from request without using Window authentication?
Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

LVL 96

Expert Comment

by:Bob Learned
ID: 39888969
If you have Windows Authentication working correctly, then the identity shouldn't be null.  I believe that the problem is that the identity is null, so it is asking you to log in.
LVL 16

Accepted Solution

Vikram Singh Saini earned 0 total points
ID: 39925482
As I asked,

I want to allow access to specific controller for specific users with Admin role using their logged in credentials (without asking them for their credentials with prompt again).

So I was able to formulate solution for same by myself. Here is the link Window Authentication not working

Hope this will help someone with same issue.
LVL 16

Author Closing Comment

by:Vikram Singh Saini
ID: 39933738
I was able to fix the concerned problem by that solution.

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ASP.Net to Oracle Connectivity Recently I had to develop an ASP.NET application connecting to an Oracle database.As I am doing it first time ,I had to solve several problems. This article will help to such developers  to develop an ASP.NET client…
International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question