User login in asp.net MVC using windows authentication without prompt

Altalia Narrantes 6 Reputation points
2021-06-10T09:42:34.85+00:00

We want to host ASP.NET MVC 5 project (.NET 4.8 Framework) where users will be automatically authenticated via their Windows login. When the users call the hosted project via the browser, then the browser should not prompt the user to login. The browser should pass the login-data to the server-side controller automatically.

Regarding this article, the Integrated Windows Authentication uses the security features of Windows clients and servers. Unlike Basic or Digest authentication, initially, it does not prompt users for a user name and password.

So the Integrated Windows Authentication seem to be the correct solution for our problem.

The MVC 5 Project has the following entry in the web.config file: Here are the authenciation settings in IIS:

104145-ygadj.png

The Problem: When we access the site in the browser via the binding http://192.168.178.41 then we expect, that the user is logged in automatically, but an prompt appears:

104070-xkqh1.png

How to login in asp.net MVC using windows authentication without prompt?

ASP.NET Core
ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
4,158 questions
ASP.NET
ASP.NET
A set of technologies in the .NET Framework for building web applications and XML web services.
3,253 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,121 questions
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. AgaveJoe 26,201 Reputation points
    2021-06-10T11:01:18.203+00:00

    Silent login works in browser that have Windows Authentication enabled and when the browser is on the same domain as the server. There can be other configuration issues as well.

    https://forums.iis.net/t/1234764.aspx?Disable+asking+user+credentials+in+windows+authentication
    https://stackoverflow.com/questions/5402381/receiving-login-prompt-using-integrated-windows-authentication

    0 comments
  2. Yijing Sun-MSFT 7,066 Reputation points
    2021-06-11T06:44:00.81+00:00

    Hi @Altalia Narrantes ,
    As far as I think,you need to make changes to your browser configuration.

    1.Open Internet Explorer, select the Internet Options menu item and open the Security tab of the popup window.

    1. Click the Local intranet icon and then click the Sites button and a new window will open.
    2. Click the Advanced Button and a new window will open.
    3. Enter the URL in the upper input box, click the Add button. Then enter a URL and click the Add button again. Then click the Close button and then click OK out of the
      previous window.
    4. Select the Security tab at the top then select Custom Level again. Scroll down to User Authentication and select Automatic logon with current user name and
      password. When finished select OK.
    5. Select the Advanced tab at the top then select the box Enable Integrated Windows Authentication* and click Apply.
    6. Restart.

    Best regards,
    Yijing Sun

    If the answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our  documentation  to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments
  3. PatriceSc 166 Reputation points
    2021-06-11T08:05:10.367+00:00

    Hi,

    Windows authentication happens for intranet sites and using an IP address likely prevent to detect that.

    If I remember it is considered part of the intranet zone if you don't have any dot in the name ie try to use using https://myserver rather than its IP.

    It might work for https://myserver.company.net for example but I believe that even in this case your company must use a GPO to configure all PC in your compay to consider that *.company.net sites are part of the intranet zone.

    prompt-for-username-and-password could alos perhaps help.

    0 comments