Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Capturing Windows Username without popping challenge box in the browser

Reply
Thread Tools

Capturing Windows Username without popping challenge box in the browser

 
 
Raj Thakkar
Guest
Posts: n/a
 
      12-08-2004
Hi,
I am currenty working on a site for intranet.
I have a user control in the header of every page that will be
displayed only if people with certain username are surfing the site.
These lists of usernames is stored on the server side in a xml based
file

So what I am doing at the moment is inside the user control pageload
method, i get the username of the current person logged in using
HttpContext.Current.User.Identity.Name and if the username is within
the list of 'allowed-access-usernames', I continue loading the
usercontrol else I set its visibility to false
so they can't see it.

It all works fine if I try to access the site from localhost.
The application grabs my windows username and verfies it against the
list, if i am present in the list, I see the control else I don't

The problem comes when I try to access the site from different machine.
As soon as i try to access the page, IE pops up a window asking for
username and password which I don;t want to.
I want to just grab the username of currenty logged in user on the
machine and give it to the server.

Can anyone help me how do i achieve this?

BTW, I am doing this using windows authentication.
In the IIS 5.1, I have
Anonymous Access unchecked
Integrated Windows Authentication checked

In web.config file
I have windows authentication
and
<identity impersonate="true" />


Thanks,
Raj

 
Reply With Quote
 
 
 
 
Joyjit Mukherjee
Guest
Posts: n/a
 
      12-08-2004
Hi,

Do you have any <deny/> element under the authorization tag ? It seems that
you are denying users so that IE pops up the window to enter username /
password.

Let me know your Web.config entry.

Joyjit

"Raj Thakkar" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
> Hi,
> I am currenty working on a site for intranet.
> I have a user control in the header of every page that will be
> displayed only if people with certain username are surfing the site.
> These lists of usernames is stored on the server side in a xml based
> file
>
> So what I am doing at the moment is inside the user control pageload
> method, i get the username of the current person logged in using
> HttpContext.Current.User.Identity.Name and if the username is within
> the list of 'allowed-access-usernames', I continue loading the
> usercontrol else I set its visibility to false
> so they can't see it.
>
> It all works fine if I try to access the site from localhost.
> The application grabs my windows username and verfies it against the
> list, if i am present in the list, I see the control else I don't
>
> The problem comes when I try to access the site from different machine.
> As soon as i try to access the page, IE pops up a window asking for
> username and password which I don;t want to.
> I want to just grab the username of currenty logged in user on the
> machine and give it to the server.
>
> Can anyone help me how do i achieve this?
>
> BTW, I am doing this using windows authentication.
> In the IIS 5.1, I have
> Anonymous Access unchecked
> Integrated Windows Authentication checked
>
> In web.config file
> I have windows authentication
> and
> <identity impersonate="true" />
>
>
> Thanks,
> Raj
>



 
Reply With Quote
 
 
 
 
aa7im
Guest
Posts: n/a
 
      12-08-2004
Are the users accessing this machine all on the same Windows domain?

 
Reply With Quote
 
Joyjit Mukherjee
Guest
Posts: n/a
 
      12-08-2004
Ok..I got it, thats the default behavior for Internet zone security. If you
want a bypass, in IE, Click Tools -> Internet Options -> Security Tab ->
Internet -> Custom Level -> User Authentication -> Automatic logon with
current username and password. But thats a security breach and shouldn't be
practised.

Joyjit

"Joyjit Mukherjee" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> Hi,
>
> Do you have any <deny/> element under the authorization tag ? It seems

that
> you are denying users so that IE pops up the window to enter username /
> password.
>
> Let me know your Web.config entry.
>
> Joyjit
>
> "Raj Thakkar" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed) oups.com...
> > Hi,
> > I am currenty working on a site for intranet.
> > I have a user control in the header of every page that will be
> > displayed only if people with certain username are surfing the site.
> > These lists of usernames is stored on the server side in a xml based
> > file
> >
> > So what I am doing at the moment is inside the user control pageload
> > method, i get the username of the current person logged in using
> > HttpContext.Current.User.Identity.Name and if the username is within
> > the list of 'allowed-access-usernames', I continue loading the
> > usercontrol else I set its visibility to false
> > so they can't see it.
> >
> > It all works fine if I try to access the site from localhost.
> > The application grabs my windows username and verfies it against the
> > list, if i am present in the list, I see the control else I don't
> >
> > The problem comes when I try to access the site from different machine.
> > As soon as i try to access the page, IE pops up a window asking for
> > username and password which I don;t want to.
> > I want to just grab the username of currenty logged in user on the
> > machine and give it to the server.
> >
> > Can anyone help me how do i achieve this?
> >
> > BTW, I am doing this using windows authentication.
> > In the IIS 5.1, I have
> > Anonymous Access unchecked
> > Integrated Windows Authentication checked
> >
> > In web.config file
> > I have windows authentication
> > and
> > <identity impersonate="true" />
> >
> >
> > Thanks,
> > Raj
> >

>
>



 
Reply With Quote
 
Patrick Olurotimi Ige
Guest
Posts: n/a
 
      12-08-2004
Since u have impersonated the USER..(thats good)
But i think u should make sure the computer has ASPNET account!Or add
the computer to this acct!
That process needs to run!
Hope it helps..
Patrick
** is the machine on the same DOMAIN?**


*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
 
Reply With Quote
 
Prodip Saha
Guest
Posts: n/a
 
      12-08-2004
Raj,
I think the problem is little different and simple. With Impersonation set
to True, you (impersonated account) must have the read access to the xml
file on the IIS server or whereever your xml file is located. To identify
this behavior you can grant yourself read permission to the folder where the
xml file is located but don't grant permission to others. Now only your
should be able to see the user control. If that's the case, you can grant
folder permission to everyone (if that's does not cause harm).

Note: If you don't impersonate make sure the ASPNET account has read access
to the xml file folder.

Hope this help.
Prodip Saha

"Raj Thakkar" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
> Hi,
> I am currenty working on a site for intranet.
> I have a user control in the header of every page that will be
> displayed only if people with certain username are surfing the site.
> These lists of usernames is stored on the server side in a xml based
> file
>
> So what I am doing at the moment is inside the user control pageload
> method, i get the username of the current person logged in using
> HttpContext.Current.User.Identity.Name and if the username is within
> the list of 'allowed-access-usernames', I continue loading the
> usercontrol else I set its visibility to false
> so they can't see it.
>
> It all works fine if I try to access the site from localhost.
> The application grabs my windows username and verfies it against the
> list, if i am present in the list, I see the control else I don't
>
> The problem comes when I try to access the site from different machine.
> As soon as i try to access the page, IE pops up a window asking for
> username and password which I don;t want to.
> I want to just grab the username of currenty logged in user on the
> machine and give it to the server.
>
> Can anyone help me how do i achieve this?
>
> BTW, I am doing this using windows authentication.
> In the IIS 5.1, I have
> Anonymous Access unchecked
> Integrated Windows Authentication checked
>
> In web.config file
> I have windows authentication
> and
> <identity impersonate="true" />
>
>
> Thanks,
> Raj
>



 
Reply With Quote
 
Patrick Olurotimi Ige
Guest
Posts: n/a
 
      12-08-2004
Raj,
But is your problem the XML not rendreing to the page or u are being
asked to Authenticate with a LOGIN POPUP....
Because with XML to render u have to put the full path for example
c:\Xmlfiles\Xml\code.xml if u just add code.xml it WON't WORK..unless u
have Anonymous Access..
Patrick




*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
 
Reply With Quote
 
Raj Thakkar
Guest
Posts: n/a
 
      12-09-2004
Thanks alot to everyone for the quick response. I seem to have solved
the problem.

I made a couple of mistakes.

a)
I didn't read the IIS and IE help pages properly.
It clearly stated there that Integrated Windows Authentication wouldnt
work using Proxy Server.

I didn't configure the IE on my Laptop to bypass proxy for intranet. I
was using my laptop to connect to the server. So of course it was going
without by passing the proxy and Integrated Authenication wouldn't work
then.

b)This was really stupid on my part. From my laptop, I wasn't logged in
as the same domain user as the server domain. I was logged in as a user
on the local computer. Really can't believe i overlooked this bit. So
the server kept asking me for username and password because the local
user account cou;dn't be verified under server domain.

I made the necessary changes and it works like a charm.
Thanks everyone again.

Raj

 
Reply With Quote
 
Patrick Olurotimi Ige
Guest
Posts: n/a
 
      12-09-2004
Raj good u solved it!
Enjoy!
Patrick



*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to run Python in Windows w/o popping a DOS box? Geert Vancompernolle Python 1 01-01-2009 06:45 PM
How to run Python in Windows w/o popping a DOS box? Paul Rubin Python 18 09-09-2006 08:38 PM
Need help on popping up a java script popup box when clicked on a LinkButton. Learner ASP .Net 3 06-30-2006 04:42 PM
Login box popping up! VB Programmer ASP .Net 4 12-08-2004 01:21 AM
Switching between http and https popping up a login box Tony Wright ASP .Net Security 0 05-28-2004 12:24 AM



Advertisments