Solved

Most suitable authentication method for our IIS web application

Posted on 2014-09-25
3
219 Views
Last Modified: 2014-10-10
We are designing a .Net web application which will primarily used by employees.  We are Windows environment and we would like users who log into the domain not need to subsequently log into the site but instead the site reference the logged in user's AD group affiliation to enforce security.

Some users external to our LAN will also need to access the application.  If they are logged into their non-company PC we would like for them to be prompted for their AD credentials.

What is the best authentication for this?  Also, how can I set my development environment (Visual Studio 2013 Pro) up to emulate this?
0
Comment
Question by:canuckconsulting
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 9

Assisted Solution

by:Trenton Knew
Trenton Knew earned 500 total points
ID: 40344497
I can't tell you exactly how to do it, but You should be able to use NTLM authentication, which would automatically log the person on if they are logged into a domain computer.  We use Passwordstate password manager and it uses this very method of authentication.  When I access it via a web browser, it never asks me for credentials if I'm myself logged into a domain computer, but people who are not authorized to use it get denied access.  Passwordstate runs on IIS and MSSQL, so I know it is possible.  I just can't give you more direction than that, unfortunately.
0
 
LVL 9

Accepted Solution

by:
Trenton Knew earned 500 total points
ID: 40344506
the Default "Windows" authentication should do what you're looking for, no?

http://msdn.microsoft.com/en-us/library/134ec8tc(v=vs.90).aspx
0
 

Author Closing Comment

by:canuckconsulting
ID: 40373178
Default "Windows" authentication with disabled anonymous access was the ticket.  Thanks!
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question