We have a website that should only be accessed by authenticated active directory users. The first thing that should happen when entering the site is a prompt to enter windows credentials.
To accomplish this, we've only enabled windows authentication and turned impersonation on.
It looks like this in the config:
<system.web>
<identity impersonate="true"/>
<authentication mode="Windows"></authentication>
</system.web>
Which shows up like this in IIS:
But, whenever I navigate to the page, I am not prompted credentials and it uses the server name as the user instead.
What else can I change?
We're using Windows Server 2012 R2 Datacenter
We're using Internet Information Services v 8.5
This is an ASP.NET MVC application using .NET 4.5 Integrated
I'm hoping to get this as soon as someone hits the page:
Our issue was actually that we were using Integrated Windows Authentication which automatically passed the credentials of the logged on user to the server.
In order to prompt the user for credentials, we enabled Basic Authentication to pass the login information to the server, which then used the login info and windows active directory to authenticate.
Remove this line:
Restart the web server and it should prompt you for login/password.