ASP.NET Authentication

Hi Guys,

I have an asp.net application and I authenticate users by using <authentication mode="Windows">.

The users are active directory users and they are login to their machine with the same credentials they log in to the asp.net application.

My question is how can I check in my asp.net application that user already login to his machine and let him login automatically to the application.

Thanks.
LVL 1
Moti Mashiah.NET DeveloperAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

it_saigeDeveloperCommented:
You could try enabling SSO - https://msdn.microsoft.com/en-us/library/dd577079.aspx

You could also use a more heavy handed approach and check for authentication by resolving the user from the HttpContext.Current.Request.LogonUserIdentity property.  In order to get the user that is accessing the page, you want to set your applications authentication mode to Windows, turn off impersonation and add your authorization users/roles; e.g. -
<system.web>
    <authentication mode="Windows" />
    <identity impersonate="false" />
    <authorization>
        <allow users="DOMAINNAME\Username" />
        <allow roles="BUILTIN\Administrators" />
        <deny users="*" />
    </authorization>
</system.web>

Open in new window

The authentication for your site will look like this:Capture.PNG
-saige-
0
Moti Mashiah.NET DeveloperAuthor Commented:
Thank you for your answer. it helped me a lot.

After I configured it for my website I'm getting a popup window to authenticate myself which is fine. So after I authenticate myself it sends me to my application login page.

My question is - how can I detect from my sign in a method that the user authenticate already and let him skip the login page?
0
it_saigeDeveloperCommented:
Here is a good resource to explain standard ASP.NET authentication/authorization methods:

https://www.codeproject.com/Articles/98950/ASP-NET-authentication-and-authorization

-saige-
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Moti Mashiah.NET DeveloperAuthor Commented:
thank you, that was a good article. I have one more issue: why the prompt come up in chrome but not in IE 11.?
0
Moti Mashiah.NET DeveloperAuthor Commented:
k, I got all this idea. I just can't understand how can I recognize the user who login when it comes to my code. What actually I want to do is to see which user is login and skip him to the main page after the application login.
0
Moti Mashiah.NET DeveloperAuthor Commented:
Thanks for your help. I figured out how to get the user identity by using security class.

then, User.identity.Name.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ASP.NET

From novice to tech pro — start learning today.