Trying to implement windows authentication on my published asp.net core 2.2 application. Hosting server is Windows server 2016 (IIS). I would like to use the active directory logged in user account to authenticate the user on my application.
I'm getting the user details by these methods:
User.Identity.Name; //return null in local host, worked when IIS
System.Security.Principal.WindowsIdentity.GetCurrent() // local host
I keep getting in the browser, the Sign in dialog box (although I would like to get rid of it, even when entering credentials - <username> + password - it doesn't authenticated).
- I would like to get rid of it
- Stop getting error 401 - unauthorized
I've configured what ever I was advised - both IIS and browser, but still - keep getting it:
Browser:
- Browser security - Entered the host IP address to the trusted sites
IIS:
- Set Authentication => enable Windows Authentication to true.
- Through web.config - set "forwardWindowsAuthToken" to "true".
Site Configuration:
- In the IIS site configuration (applicationHost) - system.webserver -> Security -> Authentication -> windows authentication -> "UseKernelmode" = "true"
ApplicationPool:
- .NET CLR Vesrion = "No Managed Code"
- Managed Pipeline Mode = " Integrated" event tried to change in the "advanced settings" the Identity from "ApplicationPoolIdentity" to "NetworkService"
NTFS permissions:
- Set basic and defaults Permissions to the account<Server host Name>\IIS_IUSRS on the server published code directory: Read & Execute, List folder contents, Read. Maybe the problem is here - because the IIS_IUSRS account is defined in the server and not in the domain ?
You can try this method to solve the problem: