Click here to Skip to main content
15,742,120 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
I have an ASP.NET MVC 4 web application that applies Windows Authentication.

In Internet Explorer (IE), Fire Fox (FF) and Safari, that Windows Authentication works well as my expectation: users see a logon prompt dialog first, after they provide valid credentials, they are able to view my pages.

But when testing with Chrome, I see Chrome does not show the logon prompt dialog to users as I see with IE, FF, and Safari. Instead, it simply lets users pass through and view my pages immediately! That behavior of Chrome is not what I want. I really want Chrome to show the logon prompt dialog first, next users must provide valid credentials, and finally they can view pages.

My question:
How can I prevent Chrome from auto letting users pass through the logon prompt dialog? Chrome must show the logon dialog as with IE, FF, or Safari.

Please help.

My codes and IIS setup are working with IE, FF and Safari as I do as following:

1) For my web.config file, I configure as:

<authentication mode="Windows" />
     <deny users="?" />

2) And with IIS 7 on the server hosting my deployed MVC 4 application site, I enable Windows Authentication and disable Anonymous Authentication.

3) For tested MVC controllers, I decorate [Authorize] on actions and even controllers as well.

1 solution

The logon dialog is something you should not want. If you want windows authentication and a form, you should use forms authentication with a windows membership provider.
The dialog you see, is because the authentication is set in IIS to BASIC, or BASIC first. The pass-trough as you named it is the "real" window authentication that is using NTLM (or Kerberos in a domain).
Still, if you stick to see that dialog, be sure to use BASIC authentication only (see:[^]).
Share this answer
Thomas Benz 24-Jun-13 18:17pm    
@Zoltan, thank you for our reply. But I do not know why I should switch to Basic Authentication: if Windows Authentication is not working well (fail with Chrome), then why does Windows Authentication is an option for web site security feature in ASP.NET MVC or web form application?
Zoltán Zörgő 25-Jun-13 2:15am    
As you described, in your scenario windows authentication is working only with Chrome. Windows authentication should not pop up any dialog.
Thomas Benz 2-Jul-13 13:26pm    
I follow "forms authentication with a windows membership provider" approach as my solution. Thank you for your help.
ravikhoda 31-Mar-14 8:22am    
hi, my scene is bit opposite to above one. i am also using window authentication and it asks for login on all browser which i want to remove. My web config file code is same as above one. and on iis i have only window authentication enabled all other mode are disabled but still it asks for user name and password on all browser.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900