ASP. NET-use integrated Windows Authentication

When writing a web application, identity authentication is often a tedious task. For an Intranet site, we only need to authorize it as an internal user, it is unnecessary to write your own identity authentication.

ASP. NET can work with IIS to authenticate users based on Windows2000 or Windows2003. The ASP. NET execution engine can also be configured to simulate this authentication.

The following example shows how to use integrated windows Identity Authentication in ASP. NET.

1. Create a new web project: sample1, and confirm the Authentication mode = "Windows" in the web. config file"

2. Create a label under webform1 and name it labelusername

Compile the following code in the background page_load event:

This. labelusername. Text = "your login name:" + this. User. Identity. Name;

After running, the result is: your login name:, but no name is displayed, because IIS does not configure integrated windows identity authentication.

3. To enable IIS to support Windows identity authentication, You need to configure the Directory Security Attribute of your site,

1. Cancel Anonymous Access
2. Set windows Integrated Identity Authentication.

Run the command again and get the result: your login name: domain1/user1. At this time, as long as the account in the same domain has the permission to access this page. But sometimes, you only need to grant permissions to one or several groups of users. How can this problem be set?

4. Configure allow and deny

<Configuration>
<System. Web>
<Authorization>
<Allow roles = "domainname/managers"/>
<Deny users = "*"/>
</Authorization>
</System. Web>
</Configuration>

In this way, only some groups in the domain can be accessed. This authentication method is very useful for Intranet web programs.