1

I would like to make an MVC 4 application in ASP.NET that uses single sign-on with LDAP.

So a user logs in to AD and then goes to the web application. This application should be able to know which user is visiting without asking for any authentication anymore. The application should be able to know the username from the AD.

Anyone who can lend me a hand with this or can give me a good explanation? I don't really understand how to fix this.

Thanks in advance!

Terry Gardner
user1122844

1 Answer

2

You could use Windows Authentication. Steps:

  1. Create a new ASP.NET MVC application using the Intranet Application template
  2. Read the text file that is opened for you which explains in detail the things you need to do in order to configure your web server to enable Windows authentication
  3. Deploy your application and enjoy

For completeness' sake, here's the text file that is generated for you:

To use this template with Windows Azure authentication, refer to http://go.microsoft.com/fwlink/?LinkID=267940.

Otherwise, to use this template with Windows authentication, refer to the instructions below:

Hosting on IIS Express:

  1. Click on your project in the Solution Explorer to select the project.
  2. If the Properties pane is not open, open it (F4).
  3. In the Properties pane for your project:
    a) Set "Anonymous Authentication" to "Disabled".
    b) Set "Windows Authentication" to "Enabled".

Hosting on IIS 7 or later:

  1. Open IIS Manager and navigate to your website.
  2. In Features View, double-click Authentication.
  3. On the Authentication page, select Windows authentication. If Windows authentication is not an option, you'll need to make sure Windows authentication is installed on the server.

    To enable Windows authentication on Windows:

    a) In Control Panel open "Programs and Features".

    b) Select "Turn Windows features on or off".

    c) Navigate to Internet Information Services > World Wide Web Services > Security and make sure the Windows authentication node is checked.

    To enable Windows authentication on Windows Server:

    a) In Server Manager, select Web Server (IIS) and click Add Role Services.

    b) Navigate to Web Server > Security and make sure the Windows authentication node is checked.

  4. In the Actions pane, click Enable to use Windows authentication.

  5. On the Authentication page, select Anonymous authentication.
  6. In the Actions pane, click Disable to disable anonymous authentication.
Darin Dimitrov
  • If I use the windows authentication as you suggest here, it isn't specific from AD? – user1122844 Feb 26 '13 at 13:50
  • Windows Authentication requires you to have AD. – Darin Dimitrov Feb 26 '13 at 13:51
  • I'm not in the AD environment now, and it shows me a login form. If I am in the environment, is that form shown too? Or am I automatically signed on then? Can I sign in on that folder with just AD credentials? – user1122844 Feb 26 '13 at 14:01
  • No, if you are using AD and Windows authentication there's no sign in form at all. The user will be automatically authenticated with his Windows credentials. – Darin Dimitrov Feb 26 '13 at 15:12
  • And is it possible to make certain pages visible for not-authenticated users and the other pages only for authenticated users? – user1122844 Feb 26 '13 at 15:41
  • No, not with Windows Authentication. If you want to achieve that you could use Forms Authentication but with a custom membership and role providers which will use Active Directory to validate the credentials and manage user roles. Here's an example: http://stackoverflow.com/a/6147882/29407 – Darin Dimitrov Feb 26 '13 at 15:45
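
An added example (not part of the answer or the generated template) showing how an MVC controller can read the user that IIS authenticated through Windows Authentication and look up that account in Active Directory. The controller name `WhoAmIController` is hypothetical, and the sketch assumes a domain-joined web server whose application pool identity is allowed to read the directory.

```csharp
using System.DirectoryServices.AccountManagement; // add a reference to this assembly
using System.Security.Principal;
using System.Web.Mvc;

// Hypothetical controller for illustration; not generated by the template.
[Authorize] // rejects any request that IIS did not authenticate
public class WhoAmIController : Controller
{
    public ActionResult Index()
    {
        // IIS has already validated the caller; ASP.NET exposes the result as a
        // WindowsIdentity. Nothing here comes from headers or query strings.
        var identity = User.Identity as WindowsIdentity;
        if (identity == null || !identity.IsAuthenticated || identity.IsAnonymous)
        {
            return new HttpUnauthorizedResult();
        }

        string account = identity.Name;   // "DOMAIN\username"
        string displayName = account;     // fallback if the directory lookup fails
        string email = "(unknown)";

        try
        {
            // Binds to the server's own domain as the application pool identity.
            using (var context = new PrincipalContext(ContextType.Domain))
            using (var user = UserPrincipal.FindByIdentity(
                       context, IdentityType.Sid, identity.User.Value))
            {
                if (user != null)
                {
                    displayName = user.DisplayName ?? account;
                    email = user.EmailAddress ?? email;
                }
            }
        }
        catch (PrincipalException)
        {
            // Domain controller unreachable or server not domain-joined:
            // the authenticated account name is still usable on its own.
        }

        // Plain text so directory attributes are never interpreted as HTML.
        // AuthenticationType is typically "Negotiate", "Kerberos" or "NTLM".
        return Content(
            string.Format("{0} ({1}, {2}) via {3}",
                displayName, account, email, identity.AuthenticationType),
            "text/plain");
    }
}
```

Looking the account up by SID rather than by name avoids ambiguity when the same account name exists in more than one domain.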