Web application to use window domain accounts for authentication
If you have a web application that will run inside a network, it makes sense for it to support windows authentication (active directory?).
Would it make sense to us
-
Basically windows handles everything, you never store usernames or passwords, AD and IIS do all the work for you
add this to your
web.config<system.web> ... <authentication mode="Windows"/> ... </system.web>To configure Windows authentication
- Start Internet Information Services (IIS).
- Right-click your application's virtual directory, and then click Properties.
- Click the Directory Security tab.
- Under Anonymous access and authentication control, click Edit.
- Make sure the Anonymous access check box is not selected and that Integrated Windows authentication is the only selected check box.
You can then deal with the business or authorization using
web.configagain. for example<authorization> <deny users="DomainName\UserName" /> <allow roles="DomainName\WindowsGroup" /> </authorization>Read more here: http://msdn.microsoft.com/en-us/library/ms998358.aspx
讨论(0) -
This problem is solved in detail by Mr. Scott Guthrie in Link 1 and Link 2
讨论(0) -
I used windows security on some of my internal sites.
Basically the way I set it up is I remove anonymous access in IIS, then assign permissions on the sites files though the standard windows security model.
I'm not sure if this is the best practices, but it has always worked well for me.
讨论(0)
加载中...
- 热议问题