I'm developing a MVC application that will require a user to be authenticated against an AD. how to create log in page in MVC to create an Intranet Application that automatically authenticates a user against an AD
Why don't you use the Intranet Template provided by Microsoft Visual Studio, which does exactly what you want out of the box?
Your requirement is paradox. Why do you want a login page, which does login a user automatically, while being logged in by visiting the (main-)site automatically, does not require the visitor to do anything at all, because he is already authenticated by entering his credentials at the windows-logon
More information: http://msdn.microsoft.com/en-us/library/gg703322(v=vs.98).aspx
you can use the built in windows authentication feature. the example is in here
if you need mixed authenticated for example you want the user can access from outside using their AD it will involve either two applications or two different pages for authentication types. find the example here
I'm not entirely sure if you actually want a login page that automatically authenticates a user that visits the main site. Maybe your wording is a bit confusing there.
I'll asumme you want your Web-App to be able to authenticate users against AD after having to log in with intranet credentials. If that's the case, you might want to have a look at this article detailing how to set that up using IIS and an ASP.NET app.
If not, please disregard this answer.
Related
I am attempting to build an ASP.NET MVC website which allows certain domain users to login and access the various functions it offers. I'm building this using Azure AD which Azure has a really nice way of letting you download a pre-built application which comes withe a Windows login page and authenticates the user already.
Here is the login page. It is even pre-populated with my domain.
Username#mydomain.com
After a successful login however the User.Identity.Name property is null.
I did some searching online and found a ton of posts like this that recommended turning Anonymous Authentication off and Windows Authentication on in the project properties. I gave that a shot but it automatically signs me in, completely bypassing the login page, and the User.Identity.Name is the name of the PC I'm developing this on. Is there a way to have Windows Authentication enabled and still have the login page working?
EDIT 1:
I forgot to mention, the User.Identity.Name property is null after the user has been authenticated for login.
I want implement .NET web site with AD authentication, If site is accessed internally then it should automatically login with current user.
BUT if site is access out site organization then it should redirect user to custom login for where user can enter AD login details.
Can anyone guide how we can achieve this functionally what configuration required.
ASP
.NET
IIS Configuration
Firewall (if required)
Any other configuration required.
Thanks in Advance
I believe you can do that by enabling Windows Authentication and dealing with 401 Not Authorized results by checking, if user is authenticated(means he is Windows user, but is not authorized to access resource) or he is not authenticated it means he is not Windows user and you can redirect him to login page.
You have to take care of restrictions on Windows users and stuff around, but I believe it is possible to do that, even I am not a big fan of such authentication solution.
I need to make an asp.net C# website where the user signs on the site, the site then logs into an active directory server and checks the users group, depending on group it forwards the user to one of 2 url's. At those urls is the real active directory login page setup for the group there in, but the asp site should log the user in on there behalf so the user shouldn't see that login page and should be skipped directly to the "logged in" page.
The asp page I'm making has already done everything except the part where it logs in the user on their behalf. As of now the user is taken to the correct site but is faced with another login page so he/she will have to end up logging in twice basically.
Both are on completely different servers, however, the asp.net site is in the local domain of the active directory server so it can still authenticate and access the server despite the fact that it's outside the servers network. So far I'm successfully using LDAP to test authenticate the user and get the users groups but like I said it doesn't carry over the authentication to the forwarded URL so the user will have to end up logging in again.
I have to note that this is for a company I work for so much of the code and details are private. I was only allowed to post this much.
You didn't say which version of .NET you were using. If it's 4.5, then if it were me, I'd get my infrastructure guys to put ADFS in. The user would log into ADFS which would pass a token to the first site. When the user was forwarded to either of the second sites, it would redirect to ADFS for its token, but since the user would already have authenticated to ADFS, the token would be issued without the user having to do anything else.
If you're using .Net 4.0, it's as easy but they baked all of the Claims stuff into the core of 4.5 whereas it's bolted onto .Net 4.0. There's a couple of courses on PluralSight, by Dominick Baier, which will get you up to speed in a few hours. They are well worth the month's subscription.
I am building an intranet website. And I am still unsure of how to implement the security of the website. I am using ASP.NET MVC 3.
Anyone in the company can access the website. It is a recognition system where you can nominate an employee for an award. Currently I am not using any type of authentication. I have a roles table that contains roles and an association table that specifies which user contain what roles, these roles are mainly administrator-type roles. If a user does belong in these roles then he/she can still access various parts of the website.
Would I need to use the built-in membership for this? Or would I need to create a custom membership for this? We don't use a login page. If the user does not have roles to access a view then he/she is redirected to another page.
We use IIS to do our authentication. Is this the same as Windows authentication? I have the roles table used for authorisation.
I'm just a little confused at the moment, I am hoping someone can give me some more clarity.
You can very well use ASP.Net MembershipProvider and RoleProvider for this
For tutorials on how to use them you should look at Videos at asp.net.
Here's a walk-through at MSDN
This blog post by Scott Guthrie might help:
Recipe: Enabling Windows Authentication within an Intranet ASP.NET Web application
For Intranet web applications, the most common authentication scenario to use is called Windows Authentication. Windows Authentication avoids the need to create a login form within an application, and does not require end-users to manually enter their username/password credentials to login to the application. Instead, ASP.NET and IIS can automatically retrieve and validate the Windows username of the end-user visiting the site in a secure way
this is my scenario: I'm developing a web application where the user logs in, when he clicks a link I want him to be redirected to a Sharepoint site and I want to automatically pass to Sharepoint his username and password, therefore he doesn't need to log in.
How should I do this? Please indicate me the best strategy. I have already tried with this, but it did'nt work out.
http://forums.asp.net/t/883397.aspx
The login via NetworkCredential seems to work fine, but when I redirect my page to Sharepoint it prompts me again for user and password.
Thanks in advance.
We did something like this on a application I was working on (although it wasn't a SP site). You want to setup the web.config so that both site can decode the authentication token (cookie) that is set in your web application. Take a look at this article on MSDN that describes how to configure forms authentication across applications.