IIS7: Setup Integrated Windows Authentication like in IIS6

AuthenticationIis 7Windows Authentication

Authentication Problem Overview

This is for IIS 7 on a Windows Server 2008 that is not part of an AD domain. I would like to password protect a website, where people have to enter a username/password (a windows account for example) to view the website. The website would then use its own authentication method (forms) to handle user accounts and decide whether or not to show member specific pages, etc.

With IIS6, we just disabled anonymous access and enabled integrated windows authentication. IIS7 behaves differently and when I enter the windows username/password to view the site, the site comes up fine but redirects to the login page. Once I log in, the site behaves naturally. I need to be able to navigate the site without logging in with the website credentials.

I don't think enabling anonymous access would make sense here since I want access to the website to be password protected (popup username/password dialog when you first navigate to the url).

Any help is appreciated!

Authentication Solutions

Solution 1 - Authentication

To enable the Windows Authentication on IIS7 on Windows 7 machine:

  • Go to Control Panel

  • Click Programs >> Programs and Features

  • Select "Turn Windows Features on or off" from left side.

  • Expand Internet Information Services >> World Wide Web Services >> Security

  • Select Windows Authentication and click OK.

  • Reset the IIS and Check in IIS now for windows authentication.

Enjoy

Solution 2 - Authentication

Two-stage authentication is not supported with IIS7 Integrated mode. Authentication is now modularized, so rather than IIS performing authentication followed by asp.net performing authentication, it all happens at the same time.

You can either:

  1. Change the app domain to be in IIS6 classic mode...
  2. Follow this example (old link) of how to fake two-stage authentication with IIS7 integrated mode.
  3. Use Helicon Ape and mod_auth to provide basic authentication

Solution 3 - Authentication

Configure IIS7 for windows authentication in Windows Server 2008

See this link:

http://www.iis.net/ConfigReference/system.webServer/security/authentication/windowsAuthentication

Enjoy this post :-)

Solution 4 - Authentication

So do you want them to get the IE password-challenge box, or should they be directed to your login page and enter their information there? If it's the second option, then you should at least enable Anonymous access to your login page, since the site won't know who they are yet.

If you want the first option, then the login page they're getting forwarded to will need to read the currently logged-in user and act based on that, since they would have had to correctly authenticate to get this far.

Solution 5 - Authentication

There's another thread elsewhere on Stack with a similar topic and the best solution I've come across is to use the free version of Helicon Ape

Once you've got that installed, follow the steps at the page Titled "HTTP Authentication and Authorization"

Categories
Recommended Authentication Solutions
Recommended Iis 7 Solutions
Recommended Windows Authentication Solutions

Previous Solution:

How to create a new figure in MATLAB?

MatlabPlotFigure

Next Solution:

How can I get all rows with keys provided in a list using SQLalchemy?

PythonSelectSqlalchemy

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionJim GeurtsView Question on Stackoverflow
Solution 1 - AuthenticationPrashant SView Answer on Stackoverflow
Solution 2 - AuthenticationJim GeurtsView Answer on Stackoverflow
Solution 3 - AuthenticationAmir AbolfazliView Answer on Stackoverflow
Solution 4 - AuthenticationSqlRyanView Answer on Stackoverflow
Solution 5 - Authenticationuser582232View Answer on Stackoverflow