6

I need my MVC4 app to get the current domain user that is logged on to the machine automatically logged in in my index.cshtml page.

the rest of the application works as intended by using the Authorize attribute the actions i need secured.

I just need to say to the app "get the current machine logged in user , dont secure anything and take the user to the landing page".

web.config:

<authentication mode="Windows" />

like this the user is BLANK on the landing page.

If i try to put just [Authorize] on my index action then it asks for credentials and then continues as i want, without securing anything on the landing page.

Is there any way around this?

UPDATE:

No matter what you do , it seems that there is no way to bypass the login prompt and make the application automatically get the current domain user and log him in the app.

e4rthdog
  • 5,103
  • 4
  • 40
  • 89

4 Answers4

3

Check this from MSDN

add impersonate="true" along with it

  <identity impersonate="true"/>
  <authentication mode="Windows" />

Then use 

 ((HttpContext)context).User.Identity as WindowsIdentity
Murali Murugesan
  • 22,423
  • 17
  • 73
  • 120
  • nope..i have tried this and tried again now..It still asks for authentication. Anonymous login should be enabled in IIS for this app? – e4rthdog Oct 08 '13 at 09:17
  • @e4rthdog, No. Anonymous login is not required. – Murali Murugesan Oct 08 '13 at 09:19
  • just tried. If i dont have anonymous enabled it brings up login dialog box. if i enalbe anonymous then user identity is blank, without login box – e4rthdog Oct 08 '13 at 09:23
  • @e4rthdog, It will prompt you to enter windows authentication details anyhow. If you run from visual studio you wont get it :), I beleive the IIS is running another machine and not in your machine :) – Murali Murugesan Oct 08 '13 at 09:31
  • Yes indeed :)...thats my key question..is he gonna ask anyhow? this is what is not clear. I thought that it wouldn;t ask and took the current logged in user – e4rthdog Oct 08 '13 at 09:38
  • 1
    @e4rthdog, I worked on windows auth app. It will always ask. I am not sure is there any work around to automatically detect and run. Hope due to security reasons it will not be possible. check google and inform if you find any. it will be useful :) – Murali Murugesan Oct 08 '13 at 09:41
  • someone proposed this http://www.codeproject.com/Articles/94612/Windows-Authentication but i cant find the properties it says in order to enable the integrated windows authentication – e4rthdog Oct 08 '13 at 12:21
1

Use Windows Authentication and for ASP.NET and IIS and specify the ASP.NET URL Authorization in the web.config as shown in this answer. Whenever the current user is authorised, the user will be silently logged in.

Tested using IE 11, IIS 8.5, Windows Server 2012 R2.

Community
  • 1
  • 1
Donal Lafferty
  • 5,807
  • 7
  • 43
  • 60
1

i just finished fighting with this problem. i should preface that this is with iis 7 running on win 2k8r2. the fix for me was to go to authentication menu in iis -> select windows authentication -> click providers in the right pane -> adjust so that only ntlm is in the list of available providers. negotiate seems to be the culprit for forcing the log-in prompt.

Michael
  • 1,022
  • 1
  • 11
  • 28
0

You may also try adding the following to your <appSettings>:

<add key="enableSimpleMembership" value="false" />
DanElliott
  • 173
  • 1
  • 8