Psst! Did you know DevelopmentNow is a mobile web site design agency?

Contact us for help mobilizing your site, or to sign up for our beta Mobile Web SDK!
all groups > iis security > january 2005 >

iis security : Authenticating between two unrelated domains


Dave Geary
1/31/2005 9:36:45 AM
We have an ASP.NET website set up on IIS 6.0/Win2003 server with
Integrated Windows Authentication. The users accessing the site
obviously have an account in our domain that we want them to log in
under, but some are already logged in to their own local network
domain.

Unfortunately, when they access our site, it appears that their 'local'
domain credentials are passed for authentication and understandably
fail. But the user is then denied access with a 401.1 error without
being shown the username/password dialog box, so they never have to the
chance to enter valid values.

Is there any way we can trigger the display of the username/password
dialog box in these circumstances?

TIA,

Dave.
Miha Pihler [MVP]
1/31/2005 7:09:53 PM
Hi Dave,

Beside IWA also enable e.g. Basic Authentication (and protect is with SSL).
This will allow clients not members of your domain (clients that can't use
IWA) to enter username and password.

In any case, clients will always first try more secure authentication method
(IWA) and then less secure method (Basic Auth.).

--
Mike
Microsoft MVP - Windows Security

[quoted text, click to view]

Dave Geary
2/1/2005 12:51:21 AM
Thanks for the quick reply, Mike. That was spot on - it's working now.
Regards,

Dave.
AddThis Social Bookmark Button