windows-authentication

We have a user who recently changed name. Let's say the old username was old.name and the new username is new.name. After editing the details in AD and logout/login with the new user name, our ASP.NET application shows the old name. Plain ASP.NET, no MVC, using Windows authentication. The code for getting the user name is: WindowsPrincipal wp = (WindowsPrincipal)HttpContext.Current.User; String userName = wp.Identity.Name.Substring(wp.Identity.Name.IndexOf("\\") + 1); This returns old.name, not new.name. I checked the IIS log files, these show the new name: 2011-04-05 11:41:44 W3SVC1 MARS 10

We are developing an intranet web application on .NET 2.0 platform. The application is using Integrated Windows Authentication for Single Sign On. The users are authorized to use diffent modules according to the Active Directory Groups they are in. Up to the point where authentication and authorization is accomplished everything works fine. But the problem starts when application tries to connect to the database on MSSQL Server. According to the security policies of our customer, no database user or password data should be kept in connection strings or in registry even if encrypted. So we are

I am in the process of building a Intranet MVC 4 application for our analysts. The goal is to allow internal users access to this application without having to sign on given they are part of our internal network. When they access the application I want to be able to capture their windows user name and check against the active directory using LDAP and retrieve the department they belong to and display the relevant details on the screen. Based on the advice from different fora, I have chosen Windows Authentication for this application and I was able to test the app successfully running from

A WIF-based WCF service needs to call method FederatedServiceCredentials.ConfigureServiceHost() , or put the equivalent element <federatedServiceHostConfiguration> in the web.config file, to work. This is a setting on the service level, in other words it applies for all endpoints. According to the method documentation, the ServiceHostBase instance is modified in several WIF-specific ways. For example, the authorization is replaced by a WIF-based authorization class. Now I'd like to have a single <service> (inside <system.serviceModel><services> ) with multiple <endpoint> s, where one endpoint

I am deploying a new EF 4.0 ASP.NET MVC 4 site to an IIS 7.0 server but I'm getting an error that says: "HTTP Error 401.2 - Unauthorized You are not authorized to view this page due to invalid authentication headers." I have Anonymous Authentication and Forms Authentication disabled. ASP.NET Impersonation and Windows Authentication are both enabled. I've confirmed that everything okay according to this Microsoft KB article Even better, there is already a working site in the same app pool using the same type of authentication. I'm not sure what to check next. Does anyone have an idea what's

I am using this binding configuration on client and server: <basicHttpBinding> <binding name="BasicHttpBinding_IService1"> <security mode="TransportWithMessageCredential"> <transport clientCredentialType="Windows" /> </security> </binding> </basicHttpBinding> The client credentials seem to not be passed automagically (or are they?) this way like i assumed, so i need to know how to set them by myself. Will this even work? Anand You have to enable Windows Authentication on IIS . Look at the below link for how to do it. Also, I checked the MSDN web site, the key difference between your config and

I'm NTLM (authenication="windows" in the web.config) with an asp.net mvc 2.0 site. Right now once a user logs in it keeps them logged in for weeks at a time. The use of the application is being opened up to users who share computers that use logged in service accounts. I need the site to reprompt each user for their AD credentials each time in order to handle these users. (Activity on the site must be linked to a uniquely identified user.) Thanks for any help that you can provide. Trey Carroll A way to do this is to handle the Http Authentication process using the HTTP 401 challenge . The