Solved

Most suitable authentication method for our IIS web application

Posted on 2014-09-25
3
208 Views
Last Modified: 2014-10-10
We are designing a .Net web application which will primarily used by employees.  We are Windows environment and we would like users who log into the domain not need to subsequently log into the site but instead the site reference the logged in user's AD group affiliation to enforce security.

Some users external to our LAN will also need to access the application.  If they are logged into their non-company PC we would like for them to be prompted for their AD credentials.

What is the best authentication for this?  Also, how can I set my development environment (Visual Studio 2013 Pro) up to emulate this?
0
Comment
Question by:canuckconsulting
  • 2
3 Comments
 
LVL 9

Assisted Solution

by:Trenton Knew
Trenton Knew earned 500 total points
ID: 40344497
I can't tell you exactly how to do it, but You should be able to use NTLM authentication, which would automatically log the person on if they are logged into a domain computer.  We use Passwordstate password manager and it uses this very method of authentication.  When I access it via a web browser, it never asks me for credentials if I'm myself logged into a domain computer, but people who are not authorized to use it get denied access.  Passwordstate runs on IIS and MSSQL, so I know it is possible.  I just can't give you more direction than that, unfortunately.
0
 
LVL 9

Accepted Solution

by:
Trenton Knew earned 500 total points
ID: 40344506
the Default "Windows" authentication should do what you're looking for, no?

http://msdn.microsoft.com/en-us/library/134ec8tc(v=vs.90).aspx
0
 

Author Closing Comment

by:canuckconsulting
ID: 40373178
Default "Windows" authentication with disabled anonymous access was the ticket.  Thanks!
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Today I had a very interesting conundrum that had to get solved quickly. Needless to say, it wasn't resolved quickly because when we needed it we were very rushed, but as soon as the conference call was over and I took a step back I saw the correct …
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question