Can I setup an extranet website in IIS using Windows authentication?

I'm working on a new web application.  Users will be logging in sometimes on the domain pc and sometimes from their mobile device that is not on the network domain.  Can I configure this in IIS (7.5) for this web application/site to be a Windows Authentication app?  I mean, will it still work when user navigates to the web site using their mobile device and still be asked to enter their Windows' credential and be authenticated?

Also, is there an option in this Window's Login dialog, a checkbox, to remember the credential with?  

Thank you.
lapuccaAsked:
Who is Participating?
 
arnoldCommented:
I am uncertain whether that option is configurable or is presented under certain conditions I.e. In that type of an interface the info would be saved within the user's keys

Control keymgr.dll
This is one way a user can save external passwords.

Intranet site means it is only available internally. Usually the security consideration are more relaxed, when a site is externally accessible, the security consideration should be in accordance with the exposure and is no longer an intranet, it could be mixed through restriction of pages/sections, but restrictions are not fixed where a typo, error could expose those section.
0
 
arnoldCommented:
To the first yes you can, the user from a non-domain will be prompted for credentials.

Windows login you mean onto a system?
There is no check box option there, there is a way to configure a system to auto login as a user.

Please explain what windows login prompt do you mean.
0
 
lapuccaAuthor Commented:
The windows log I meant is when you enable the "Windows Authentication" in IIS (7.5 is ours), for the web application, the IIS will display a login dialog asking users for their userid and password that's their domain account or windows account.  
Thank you.
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
arnoldCommented:
There is no way to enable remember me in that dialogue.

You could code your application to prompt for user login using AD authentication at which point the login process will be totally under your applications control.
With using IIS windows authentication, the authentication to access is left to IIS.
It only answers does user have access? with a valid login, the user has, with an invalid, the user does not.

Depending on what it is the site/application does, have you considered having the user authentication be part of the application versus an IIS function?

Usually, remember me is handled by the site when the option is checked is to set a cookie on the client side that is checked when the user returns to see whether the cookie exists, its contents match the criteria and username is then extracted from the parameters and allowed in.
0
 
lapuccaAuthor Commented:
Arnold,
Thank you and that makes sense.  I knew about IIS is in charge and about the cookies but still appreciate you writing up the explanation.   The reason why I asked because of this screen shot at this article shows a option box for "Remember my credential" when it's set as "Digest Authentication" in IIS.  https://www.simple-talk.com/dotnet/asp.net/authentication-and-authorization-with-windows-accounts-in-asp.net/  
I also attached an image from that link.

I can setup a web application in IIS, and only enable the "Windows Authentication"  I thought that would set up the web application to be an Intranet.  But users can still see this site as a public website but just will be asked to enter windows credential for authentication.  So when and how does a web application gets set up as an Intranet?  Is it by IP limitation on IIS?
Thank you.
1268-Figure4.jpg
0
 
lapuccaAuthor Commented:
Thank you.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.