Windows Authentication not working
Printed From: IdeaBlade
Category: DevForce
Forum Name: DevForce 2010
Forum Discription: For .NET 4.0
URL: http://www.ideablade.com/forum/forum_posts.asp?TID=3726
Printed Date: 13-May-2026 at 12:56am
Topic: Windows Authentication not working
Posted By: LowOrbit
Subject: Windows Authentication not working
Date Posted: 18-Oct-2012 at 1:48pm
|
Hello
I have a simple ntier test application on a Win7 64bit with IIS 7.5 installed. I am trying to get Windows Authentication to work but keep getting the following error when I trying to fetch anything:
"The current user is not authorized, and guest access is not allowed."
Here is my current web.config:
<?xml version="1.0"?> <configuration> <configSections> <section name="ideablade.configuration" type="IdeaBlade.Core.Configuration.IdeaBladeSection, IdeaBlade.Core"/> </configSections> <connectionStrings> <add name="ClassEntities" ..../> </connectionStrings> <ideablade.configuration version="6.00" xmlns="http://schemas.ideablade.com/2010/IdeaBladeConfig" > <logging logFile="log\DebugLog.xml" shouldLogSqlQueries="true"/> <objectServer> <serverSettings allowAnonymousLogin="false" useAspNetSecurityServices="true"/> </objectServer> </ideablade.configuration> <system.serviceModel> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="false" /> </system.serviceModel> <system.web> <compilation debug="true" targetFramework="4.0" /> <authentication mode="Windows"/> </system.web> </configuration> Here is the pertinent part of the app.config: <ideablade.configuration version="6.00" xmlns="http://schemas.ideablade.com/2010/IdeaBladeConfig"> <logging logFile="DebugLog.xml"/> <objectServer remoteBaseURL="http://localhost" serverPort="9009" serviceName="EntityService.svc" > <clientSettings isDistributed="true" /> </objectServer> </ideablade.configuration>Here is a shot of the web server Authentication section:I have even called the Authenticator as such:Authenticator.Instance.DefaultAuthenticationContext = Authenticator.Instance.Login(null);I still get the same error.Any ideas?Thanks!Robert |
Replies:
Posted By: kimj
Date Posted: 18-Oct-2012 at 2:37pm
| We haven't done a very good job documenting this. In order to pass Windows credentials from the client to the server the WCF binding must be modified. You can do this either in the web.config or with a custom implementation of the DevForce ServiceHostEvents class, which is usually the easiest approach. Here's information on implementing the class: http://drc.ideablade.com/xwiki/bin/view/Documentation/code-sample-custom-server-configuration#HAcceptWindowscredentialswhenusingWindowsAuthenticationinIIS - http://drc.ideablade.com/xwiki/bin/view/Documentation/code-sample-custom-server-configuration#HAcceptWindowscredentialswhenusingWindowsAuthenticationinIIS . |
Posted By: LowOrbit
Date Posted: 18-Oct-2012 at 2:40pm
|
I guess I should include that I am using version 6.1.8.1.
Let me clarify a little what I'm trying to do. We want to rely on the BOS under IIS and ASP.Net "Windows Authentication" to verify that the current user is a valid windows user in our domain. In the client at the start of the application, we use the Authenticator to LOGIN (passing null). If the user is not a valid user, the system should throw an exception like I'm getting now. But if the user is a valid user (in our domain), the Login should succeed.
Then in a SaveInterceptor, I want to use the principal identity (which should now contain the users domain id) to look up additional information about that user from Active Directory (such as their Full Name, etc.). During the same, we update certain audit fields with their fullname. We don't have a user table in our database which is why we are going to A/D.
Thanks!
|
Posted By: LowOrbit
Date Posted: 18-Oct-2012 at 2:47pm
I saw that article and tried that one also. I get the following when I try that:
 Thanks!
|
Posted By: sbelini
Date Posted: 23-Oct-2012 at 12:32pm
|
We were not able to reproduce the error here. I'm attaching a sample using Windows Authentication: uploads/892/T12239.zip - uploads/892/T12239.zip
|
Posted By: ceramist
Date Posted: 24-Oct-2012 at 8:40am
| Try changing from Negotiate to IntegratedWindowsAuthentication. |