Click here to Skip to main content
15,887,280 members
Search within:


asp.net Windows Authentication: users pass through logon prompt with Chrome
Please Sign up or sign in to vote.
0.00/5 (No votes)
I have an ASP.NET MVC 4 web application that applies Windows Authentication.

In Internet Explorer (IE), Fire Fox (FF) and Safari, that Windows Authentication works well as my expectation: users see a logon prompt dialog first, after they provide valid credentials, they are able to view my pages.

But when testing with Chrome, I see Chrome does not show the logon prompt dialog to users as I see with IE, FF, and Safari. Instead, it simply lets users pass through and view my pages immediately! That behavior of Chrome is not what I want. I really want Chrome to show the logon prompt dialog first, next users must provide valid credentials, and finally they can view pages.

My question:
How can I prevent Chrome from auto letting users pass through the logon prompt dialog? Chrome must show the logon dialog as with IE, FF, or Safari.

Please help.


My codes and IIS setup are working with IE, FF and Safari as I do as following:

1) For my web.config file, I configure as:

XML
<authentication mode="Windows" />
   <authorization>
     <deny users="?" />
   </authorization


2) And with IIS 7 on the server hosting my deployed MVC 4 application site, I enable Windows Authentication and disable Anonymous Authentication.

3) For tested MVC controllers, I decorate [Authorize] on actions and even controllers as well.
Posted
Add a Solution

1 solution

The logon dialog is something you should not want. If you want windows authentication and a form, you should use forms authentication with a windows membership provider.
The dialog you see, is because the authentication is set in IIS to BASIC, or BASIC first. The pass-trough as you named it is the "real" window authentication that is using NTLM (or Kerberos in a domain).
Still, if you stick to see that dialog, be sure to use BASIC authentication only (see: http://technet.microsoft.com/en-us/library/cc772009(v=ws.10).aspx[^]).
 
Share this answer
 
Posted
Comments
Thomas Benz 24-Jun-13 18:17pm    
@Zoltan, thank you for our reply. But I do not know why I should switch to Basic Authentication: if Windows Authentication is not working well (fail with Chrome), then why does Windows Authentication is an option for web site security feature in ASP.NET MVC or web form application?
Zoltán Zörgő 25-Jun-13 2:15am    
As you described, in your scenario windows authentication is working only with Chrome. Windows authentication should not pop up any dialog.
Thomas Benz 2-Jul-13 13:26pm    
Zoltan,
I follow "forms authentication with a windows membership provider" approach as my solution. Thank you for your help.
ravikhoda 31-Mar-14 8:22am    
hi, my scene is bit opposite to above one. i am also using window authentication and it asks for login on all browser which i want to remove. My web config file code is same as above one. and on iis i have only window authentication enabled all other mode are disabled but still it asks for user name and password on all browser.
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
window authentication remove login prompt?
windows user authentication
Authentication through windows logon.
Network logon failure
Crystal reports issue - LogOn prompt
Windows authentication in ASP.NET
Windows authentication in asp.net
Want to pass Authentication Cookies to Report server logon page
Crystal Reportviewer in VB ASP.net Prompt Logon is missing Database name
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. only in Chrome and Firefox browser

Advertise
Privacy
Cookies
Terms of Use
Last Updated 24 Jun 2013
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web04 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900