Home All Groups Group Topic Archive Search About

Anonymous User AND NT Authentication Works On Localhost But Not On

microsoft.public.dotnet.framework.adonet
Author
11 Dec 2006 3:15 PM
Dan Sikorsky
I have localhost directory security Anonymous User and NT Authentication both
checked. Anonymous Users can get to my web page and NT Autheticated Users can
pass in the logonname where I can read it in my web page.

However, on the actual web server, I can't reproduce this. Either I can
allow Anonymous users access to my web page and domain users don't pass in
the logonname (Anonymous Users checked in Directory Security), or NT
Authenticate users pass in logonname and Anonymous Users get 'Access Denied'
message (Anonymous Users unchecked).

I need to know if the user requesting the web page is in the same domain as
the Web Server (NT Authentication) or if the request is coming from outside
the domain (Anonymouse User). If user is anonymous and has not registered on
the NewUser.aspx page, then that user must register; otherwise, for non
anonymous users I can register them programmatically using the passed in
logonname and a contrived password and email address, thereby alleviating the
user from that tedium.

How can I accomplish this?



--
Thank you kindly,

Dan Sikorsky BA, BSCE, MCS

Author
12 Dec 2006 8:05 PM
Paul Clement
On Mon, 11 Dec 2006 07:15:01 -0800, Dan Sikorsky <DanSikor***@discussions.microsoft.com> wrote:

¤ I have localhost directory security Anonymous User and NT Authentication both
¤ checked. Anonymous Users can get to my web page and NT Autheticated Users can
¤ pass in the logonname where I can read it in my web page.

¤ However, on the actual web server, I can't reproduce this. Either I can
¤ allow Anonymous users access to my web page and domain users don't pass in
¤ the logonname (Anonymous Users checked in Directory Security), or NT
¤ Authenticate users pass in logonname and Anonymous Users get 'Access Denied'
¤ message (Anonymous Users unchecked).

¤ I need to know if the user requesting the web page is in the same domain as
¤ the Web Server (NT Authentication) or if the request is coming from outside
¤ the domain (Anonymouse User). If user is anonymous and has not registered on
¤ the NewUser.aspx page, then that user must register; otherwise, for non
¤ anonymous users I can register them programmatically using the passed in
¤ logonname and a contrived password and email address, thereby alleviating the
¤ user from that tedium.
¤
¤ How can I accomplish this?

Take a look at the below MS KB article. You many have to abandon Integrated Windows authentication
in your implementation if users are outside of your network.

How IIS authenticates browser clients
http://support.microsoft.com/kb/264921

An alternative is Forms based authentication, which allows a bit more flexibility.

How to: Implement Simple Forms Authentication 
http://msdn2.microsoft.com/en-us/library/xdt4thhy.aspx


Paul
~~~~
Microsoft MVP (Visual Basic)

AddThis Social Bookmark Button

Post Other interesting topics
mdb & vb.net
SqlDataReader performance
Connection pooling questions
There must be a better way than this (oledb connections and connection strings)
Difference between Typed dataset and untyped dataset