I want the ASP user login authenticated by the windows user, and to catch the user information as a session contained on the page. Then the login user can be redirected to its own folder (recognized by userid). How can I do that?
View RepliesCan someone tell me how I create a login page which
authenticates users against the servers user manager. I
want the login to be a form in my website not a pop up
window!
I would be grateful for any advice relating to this
subject. I have a script for windows 2000 active directory
but was wondering if you could achive the same with
windows NT 4 and IIS 4 Code:
In my CMS application (authentication = windows), I've tried to force a reauthentication after a button click by returning:
Response.StatusCode = 401;
However instead of reauthenticating once, I'm asked for 3 times despite the correct userid and password.
Is this due to certain configurations? Or is there any other alternative available to achieve the same effect?
If I have a website running ASP 3.0 on IIS 6 (server 2003), and am using
Integrated Windows Authentication, is there a way I can place in a session
variable something to identify the person who authenticated to the web site
so I can say right on the ASP page "Welcome UsernameHere" ??
I have this free calendar I downloaded off the net, that I am trying to tweak to meet company standards. A username/password is required, however I wanted to use Windows authentication... is there a way I can retrieve the username/password used to sign on the computer, for form validation??? If this is possible, could someone please advise me on how i would need to go about doing this??
View Replies View RelatedI wasn't sure which group to use but I'm developing a web application
that connects to a sql server. This application is for External Clients but
the information is sensitive. I thougth that if I do Windows Authentication,
would be the most secure one. I'm not sure if this is true. In any event, I
want to avoid the browser asking for username and password and allowing the
user to type on a username password textboxes on the web form. Is this
possible.
I am coding a web page to put information into a database. The main feature I am looking to do is authenticate the webpage using the windows user name and password, I then want the user name to be entered into the database. Can anyone help me with this? I have an access database linked into a webpage and it is able to enter data.
View Replies View RelatedI wanted to secure my application and have decided to go with windows NT challenge reponse. I want to check against the Active directory for a valid user. Should i do both? which one comes first? I am not sure of the sequence.
View Replies View RelatedI have an IIS 6 server on Windows 2003 running in an AD domain attempting to enumerate the files on another Windows 2003 server on the same domain. The code and UNC path are sound as it works if I set anonymous access and enter domain credentials in the page properties but if I check "Integrated Windows Authentication" it gives a "Path not found" 800a004c error in the browser. The IIS logs report a 500 0 0 status but it does show that it attempts to use the end user's credentials as you can see them in the logs. The IIS server is set for "Trust this computer (for Kerberos only)" but the the other server is not.
The two significant lines in the classic ASP page (with the server, share &
folder names replaced) are:
spmsmmpath="serversharefolder"
SET ofolder=ofs.GetFolder(spmsmmpath)
What am I missing? Does the file server need to be trsuted too? Do I need to use a MapPath command or am I using the wrong slashes? Remmeber the code works as is if I pass literal credentials.
I have developed a website using ASP.Net and C#. The issue I am facing is that on some of the links I get the default Windows authentication dialog. It happens only on some of the links even though the link points to the same page. i am clueless as this happens even on the development machine ie on localhost. The web.config has the setting as Authentication=None. why this might be happening.
View Replies View RelatedCan someone tell me a website/page that will show me how to use windows authentication in a vbscript page. I can't use .net, it has to be classic VB.
View Replies View RelatedI want to know how can we use windows Authentication in asp projects ? & what is the object need?
View Replies View RelatedI want to authenticate a user based on Windows Login. If a user is able to logon to the system, he/she should be able to logon to the page. I'm able to retrieve the system username using Request.ServerVariables("LOGON_USER") after disabling anonymous access in IIS Manager.
But whenever i open my page, it prompts for the username and password. But i dont want to prompt for the username and password, but logon to the site based on windows login.
I am creating an application that I would like to have the user type in their User ID, password and domain, and it do Windows Authentication to verify they are a valid user. Can someone provide me with any assistance on this by sample code, or a pointer to a site
that goes over this?
I have an application that is ISAPI and the only way to secure it is through NT permissions. I need to have a way to login to windows authentication so that when I get to the ISAPI application no boxes come up. I want an ASP page to sit between the user and the ISAPI application.
The rest of my application is using authentication that is database driven and wouldn't want the users to know the userid and password. Is this possible? If so how would I
accomplish it.
I have a client who wants me to use his login screen to authenticate
users, then send them to their correct folder's index page. There
will only ever be 4 or so users logging into this, so it doesn't need
to be huge.
So, I can't just set the password on the folder using windows or else
the windows box pops up, and he doesn't want to use a database, and he
doesn't want the pages inside the folder to have to have a .asp
extension.
i want to implement authorization with windows authentication and don't
have the slightest clue of how to do this implementation. the basic
windows authentication for this .NET application is already setup. my
problem lies within my inability to manipulate the username captured in
the authentication process and my knowledge of how IIS is involved.
specifically, i have the following questions:
1) what object(s) can be used so that the user's username can be
manipulated for the authorization process?
2) in order to apply roles, do the users need to be placed in groups in
IIS? if so, how does this work?
3) is all the code that the application uses for roles in web.config?
or does global.asax play a role in this matter?
4) does the web.config file know to communicate with IIS because the
authorization type is set to windows?
5) once authorization is in place, can a section of an .aspx file be
visible to a group or can only entire files be secured for a group?
I'm running IIS 6.0 on Windows SErver 2003 that is also a DC.
I have an asp page (default.asp) I am trying to access as my hom page for my
site. I am trying to use Windows authentication.
When I select only "integrated Windows authentication" I get prompted for
user information and then get an error: "The page cannot be displayed."
However, if I change the authentication method to "Basic authentication" and
enter the exact same logon information, it works without a problem.
I do not want to send passwords in clear text. I need to use Windows
authentication.
Does anyone know if there is a way to end a user's logged on Windows Authentication session?
I have some .asp files that make calls to our SQL Server which can only be accessed through Windows Basic Aunthentication in using SSL to encrypt everything and was wondering if there was a way to end the user's windows authentication session and force them to relogon if a certain time expired or if they didn't close the browser?
I'm familiar with ending asp session variables but in this case this wouldn't apply since the user is already in using windows basic authentication.
i design form to take input from user(username,password). How do i autheticate if the user is Windows Domain user and once it has authenticated successfully, how do i forward to the success page.
View Replies View Relatedhow can I avoid the windows authentication screen for viewing a report in Reporting Service.
View Replies View RelatedI have being told my our web developers team that it is not possible to use Windows Authentication on a SQL Server 2000 database and ASP application. That it can only be possible on a ASP.NET. On the other hand thur seraching the web I found out that this task can be accomplished by just turn on Windows Authentication and shut off Anonymous access in your website properties using IIS Manager on the Web server.
View Replies View RelatedCan someone direct me to a good tutorial on Windows Integrated Authentication and Active Directory. I am creating an intranet site and i want anyone that can sign on to our domain able to go to the intranet and not have it prompt them for username/password. I can't seem to find much info on it.
View Replies View RelatedWe're trying to setup an Intranet site with one portion of the site restricted using Windows Integrated Authentication. The rest of the site is accessed using anonymous access. Here are the details of the site
1) The restricted portion of the site is protected using NTFS permissions for authorized users
2) ONLY Anonymous user has NTFS permissions to the rest of the Intranet (all files / folders EXCEPT the restricted portion)
3) The IIS setting throughout the site has both anonymous access and Windows Integrated Authentication enabled
4) The restricted portion of the site is also the application start-point (in IIS) for an ASP application
5) The restricted portion of the site launches in a new browser window (using target="_blank")
Authorized users are able to access the restricted portion of the site. The problem is that when they try to get back to any of the anonymous access pages, they are prompted with the Windows Authentication dialog.
Is there any solution to this? Are there any web server settings that I need to look for?
I used to have the following ASP code (below) that runs on windows 2000 and authenticates users against the Active Directory. The code is working fine. However, after upgrading from Win2000 to Win2003 (IIS 6), authentication is failing, although the code is still working if run on win2000.
I tried to capture packets during the authentication phase from both win2000 and win2003 and I found out that there is a slight difference between the two although I believe that this is an OS bit not ASP thing. Code:
What I'm trying to do: I'm using LDAP to check and see if a user that is trying to view my page has network credentials and I am also trying to see what User Groups they are in. I have been told that the code that I'm using does indeed work.
Problem: In IIS I have unchecked the Anonymous access option and have checked the Integrated Windows Authentication option. When I try and view the page, I keep receiving the Windows login box with my domain/username and password filled in.
This puzzles me because the code that I'm using is supposed to strip the domain, yet that continues to show. It also looks like this code is supposed to redirect me to the requested page once my credentials are recognized, but I can't seem to get past this Windows login box that is similar to a login box for an FTP site. Any suggestions?
I developed some simple ASP 3.0 pages to add some operative functionality to my app. I configured IIS to use windows integrate authentication for this pages and it's working just fine.
For security reasons (audit) I need to trace down the username that requested this page. I already have a custom service called from ASP page that trace down some data I need. It's there a way to find out what is the windows username that requested the page so I can pass this information to my audit function?
Is it possible to have a session expire/time out or log out for a windows regular
domain user logged into an .asp application?
My ASP page needs to connect to the SQL using Windows Authentication.
I have research this topic and I think the pieces of the puzzle are here, but they are not coming together correctly.
Users are separated into groups with different levels of security, Group 1, Group 2, Group 3. Each group can only view, update or delete specific pages. Code:
We've recently moved to new servers (Win2k3, IIS6) and when setting up the intranet I've run into some difficulties.
The original intranet is split down into departments with security as below:
Intranet Home - anonymous access allowed.
IntranetFinance - anonymous allowed.
IntranetIS - Integrated Windows Authentication*
So the problem comes down to the IS folder. Integrated Authentication is set up so we can have an IS corporate directory where each user maintains their own details.
On the new server however, I've set up the web root as Intranet (anonymous access allowed) and set the IS folder as a new application folder. I've removed anonymous access and added only Integrated Windows Authentication and Digest Windows Authentication.
However when connecting to any page on the new server, no authentication kicks in at all. Connecting to a page IntranetISinfo.asp that returns only the "Logon_User" information, returns a blank field...
I'm trying to view a .aspx from a Win2003 server. When "Integrated Windows Authentication" is enabled, I can view the .aspx file. If I uncheck IWA, I get an HTTP 401.
Does anyone know why "Integrated Windows Authentication" is being forced and how I can disable it? I just want anonymous access. Code:
I am running windows 2000 on a client PC, running IIS and a helpdesk application created in house. Whenever someone on the domain (domain.com we'll call it)...tries to access the helpdesk app, it prompts them for a u/n; password. SWEET! This is what I want.
Here's where the problem lies in. WHen they type in their domain username/pwd combo...they get a "failed authentication" as it prompts them back with the fully qualified domain name of the pc the Helpdesk is on followed by their username. In short, they have to enter our domain (domain.com) followed by their username and password to work right.
The PC which houses the Helpdesk app is on the domain and is set up to authenticate users based on the domain relation. As a matter of fact, I have say Jack set up with everything but FUll Control. He can get in as long as in the username box it looks something like: Code:
how would an intranet user be nt authenticated using asp?
View Replies View Related