问题
Problem statement : I have implemented windows authentication on my website. I have used following code in my web.config for authentication
<authentication mode="Windows">
</authentication>
<authorization>
<deny users="?"/>
</authorization>
Now, the problem is that when I access the website, it takes the default ( windows) credentials and tries to login.
But I need that it should prompt the user for credentials so that user can enter domain-name\id and password of separate domain for authenticate (User will have VPN access to this other domain)
回答1:
You can achieve this using Digest Authentication mode in IIS. Once enabled it will prompt always for UserName/Password to the end user.
You can read more about this type authentication here:
http://technet.microsoft.com/en-us/library/cc778868(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/cc754104(v=ws.10).aspx
回答2:
Instead of using Windows Authentication use Forms Auth and check entered login and password in Domain.
There is a nice article on MSDN: How To: Use Forms Authentication with Active Directory in Multiple Domains
来源:https://stackoverflow.com/questions/16790747/asp-net-windows-authentication-should-always-ask-for-credentials