Solved

For my Intranet web application, how to limited only certain authenticated users and user gruops?

Posted on 2015-01-06
6
207 Views
Last Modified: 2015-01-06
Hi, I'm using VS2012, asp.net, C# and IIS 7
in my web.config file, I want to limit my userid and a user group(AD Security group), and then deny all other users. Running in debug mode from my VS at my local PC gives me access deny error.  Please advise what could be the error here, thank you.

   <system.web>
    <compilation debug="true" targetFramework="4.5" />
    <httpRuntime targetFramework="4.5" />
    <pages>
      <namespaces>
        <add namespace="System.Web.Optimization" />
      </namespaces>
    <controls><add assembly="Microsoft.AspNet.Web.Optimization.WebForms" namespace="Microsoft.AspNet.Web.Optimization.WebForms" tagPrefix="webopt" /></controls></pages>
    <authentication mode="Windows">        
    </authentication>
    <authorization>
      <allow users="myUserId"/>
      <allow roles="adUserGroup"/>
      <deny users="*"/>
    </authorization>
    <profile defaultProvider="DefaultProfileProvider">
0
Comment
Question by:lapucca
  • 3
  • 3
6 Comments
 
LVL 23

Expert Comment

by:Michael74
ID: 40534500
IN System.Web set

<authentication mode="Windows"/>

and then you can add the authorisation section eg

<authorization>
  <allow users="domain\myUserId" />
  <allow roles="domain\adUserGroup" />
  <deny users="*" />
</authorization>

for more information have a look at

http://msdn.microsoft.com/en-us/library/ff647405.aspx
0
 

Author Comment

by:lapucca
ID: 40534571
I got error as below. Is there a certain way that I need to set IIS for this site?  But I'm running it from my local PC, VS.


Server Error in '/' Application.
--------------------------------------------------------------------------------


 Access is denied.
Description: An error occurred while accessing the resources required to serve this request. The server may not be configured for access to the requested URL.

Error message 401.2.: Unauthorized: Logon failed due to server configuration.  Verify that you have permission to view this directory or page based on the credentials you supplied and the authentication methods enabled on the Web server.  Contact the Web server's administrator for additional assistance.


--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.18446
0
 
LVL 23

Accepted Solution

by:
Michael74 earned 500 total points
ID: 40534597
For testing you can
enable NTLM authentication by right-clicking the name of your project in the Solution Explorer window and selecting Properties. Next, select the Web tab and check the NTLM checkbox

http://www.asp.net/mvc/overview/older-versions-1/security/authenticating-users-with-windows-authentication-cs

For a production website you do set IIS to use Windows Authentication for the site

Open IIS Manager and navigate to the level you want to manage.
On the Authentication page, select Windows Authentication.
In the Actions pane, click Enable to use Windows authentication.
http://technet.microsoft.com/en-us/library/cc754628(v=ws.10).aspx
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:lapucca
ID: 40534618
Awesome!  That worked! Do I need to remove the NTLM check when deploying to Production?  Thank you.
0
 
LVL 23

Expert Comment

by:Michael74
ID: 40534631
No this only applied to local web server used during testing. When deploying it to production this is when you will set up windows authentication in IIS
0
 

Author Closing Comment

by:lapucca
ID: 40534653
Very awesome!  Thank you.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Suggested Solutions

In my previous two articles we discussed Binary Serialization (http://www.experts-exchange.com/A_4362.html) and XML Serialization (http://www.experts-exchange.com/A_4425.html). In this article we will try to know more about SOAP (Simple Object Acces…
Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now