windows-authentication

Suppress NTLM Authentication Dialog

by

Code I have created a login page that combines Forms Authentication with Integrated Windows Authentication. public partial class Login : System.Web.UI.Page { // http://www.innovation.ch/personal/ronald/ntlm.html // http://curl.cofman.dk/rfc/ntlm.html // http://blogs.msdn.com/b/chiranth/archive/2013/09/21/ntlm-want-to-know-how-it-works.aspx protected void Page_Load(object sender, EventArgs e) { if (!IsPostBack) { if (Request.Headers["Authorization"].IsNullOrEmpty()) { Response.StatusCode = 401; Response.AddHeader("WWW-Authenticate", "NTLM"); Email.SendMailToDebugger("Auth", "No Auth"); //Response.End(); } else if (Request.Headers["Authorization"].StartsWith("Negotiate")) { … Read more

runAllManagedModulesForAllRequests = “true” killing windows authentication in IIS7

by

We have windows authentication set up on our staging server for our clients to help prevent google from indexing our staging URLs. We recently found out that one of our sites is seemingly ignoring our IIS settings (anonymous authentication is disabled, windows authentication is enabled). We ended up figuring out that removing the setting runAllManagedModulesForAllRequests=”true” on the modules node (which is required for our URL rewriting on the site) fixes the issue and the windows login/password box appears as expected when we browse to the site. If we keep the setting there, the site allows any anonymous user to browse the website.

3 requests for every resource (2 x 401.2 and 1 x 200) in a windows authenticated asp.net mvc app

by

I was trying to track down why my site was so painfully slow in IE9 when I pulled out Fiddler and realised that every request is being sent 3 times (twice I get 401.2 and then a success). I verified this happens on all browsers, its just that Chrome’s speed was masking this (or it could be that this has nothing to do with my sites performance issues in IE).