windows-authentication

问题 I have created a group on AD, and configured this group to have access to my SQL Server. With it, any .Net app, SQL Server and SSIS are able to connect to SQL Server using any AD account that's on that group, they just need to set Trusted Connection/Windows Authentication. Now I need to do the same on IIS apps. But I have never configured IIS and don't know how to do it. I Googled it, but everything refers to user authenticating to IIS using NTLM, not IIS connecting to SQL Server. 回答1: For

问题 We have an internal system where users can authenticate using Windows authentication but we want to include some custom content in the 401 repsonse that takes the user to a custom username/password authentication page if the cancel off the Windows authentication dialog. When an unauthenticated user accesses a page, Windows authentication responds with a 401 Unauthorized response, with the headers WWW-Authenticate: Negotiate WWW-Authenticate: NTLM This prompts the browser to show a dialog

问题 Has anyone have experience getting Breeze (or DataJS for that matter) to communicate with a Web API 2 OData endpoint which requires Windows Authentication and is hosted on a different server? I have successfully configured Web API to enable CORS and I am able to initiate a cross-domain request to the OData endpoint using jQuery: load: function () { $.ajax({ type: "GET", dataType: 'json', url: "http://services.company.com/odata/GeographicalRegions", xhrFields: { withCredentials: true },

问题 We have multiple web services that provide access to some large data extractions. They're implemented as http handlers, so we can stream the result directly into the response stream. We already have anonymous and HTTP basic authentication working on a single endpoint. We would now like to add Windows Authentication, so internal users can get access to all the same data that they can get from the internal web app. However, I can only get Windows Authentication working if I disable anonymous

问题 I have a custom AuthorizeAttribute like so: public override void OnAuthorization(AuthorizationContext filterContext) { if (filterContext.HttpContext.Request.IsAuthenticated) { var userInRole = CurrentUser.IsInRole(Roles); // Etc... } } Should I be calling base.OnAuthorization(filterContext) at all here? If so, what would it do? 回答1: The default implementation is open source and can be viewed here. It checks whether the user is authenticated, then checks to ensure the user or role is specified

问题 I need to authenticate user's Windows credentials, given a userId, domain and password. Our Active Directory contains multiple domains, some which we can list using the following code: var domains = System.DirectoryServices.ActiveDirectory.Forest.GetCurrentForest().Domains; However, we also have users that belong to domains outside the forest. They are however accessible to me from the Global Catalog (GC). Below code allows me to get a directory entry for a userid. System.DirectoryServices

问题 I have followed a combination of these three resources for getting started with Identity Server 4. IdentityServer4.Quickstart.UI 4_ImplicitFlowAuthenticationWithExternal Combined_AspNetIdentity_and_EntityFrameworkStorage The combination of the three were used in order to store users within the the database even from external providers. Also store Identity Server 4 configurations such as claims, roles, clients, and resources. My main issue right now is when running in IIS Express windows

问题 I have followed a combination of these three resources for getting started with Identity Server 4. IdentityServer4.Quickstart.UI 4_ImplicitFlowAuthenticationWithExternal Combined_AspNetIdentity_and_EntityFrameworkStorage The combination of the three were used in order to store users within the the database even from external providers. Also store Identity Server 4 configurations such as claims, roles, clients, and resources. My main issue right now is when running in IIS Express windows

问题 I have the following structure for my web application: In my root web config, not in the Areas/Admin/Web.Config I have the following: <location path="Areas/Admin"> <system.web> <authentication mode="Windows"></authentication> <authorization> <deny users="*"/> </authorization> </system.web> </location> I have my own authentication working on the main root of the web site no problems by using the [Authorize] tag. Now for the Areas/Admin I'd like to use Windows Authentication. In IIS (Server

问题 I'm building an Intranet application based on Ext JS and webservices. Users are authorized using Integrated Windows Authentication, which works fine in IE. Because my application is in JavaScript, it is loaded in Firefox, but then when I request some data from server I get 'access denied' in Firebug, because all webservices are checking user rights. Can I request the user to enter his username and password (like login to FTP or a simple login page) in all browsers that don't support