I know very little about authentication so any help would be appreciated.
I have a small web application (IIS4) that will be on my companies intranet. The goal is to prevent users from having to login.
Ideally I would like anyone in my company to have access to this application even if they are not set up on the hosting server. So I set up the application to use Anonymous Authentication.
My application requires that each user be identified by a userid so modifications can be associated with a user. A list of userids is stored in a database. When someone accesses the site I would like to grab their network userid and try to verify that against my application database. If a match is found I can use this userid in my application. If no match is found I can prompt the user to create a new userid in my database or have the user login under a different userid.
My problem is if I use Anonymous Authentication I can't detect a userid. If I use Basic or NT authentication the user has to pass a more complicated login (domain\name and password) and must be setup on the server.
Is there anyway to prevent a login? Additionally, there are other applications on this server so I don't have control over the domain.
thanks,
Brit
I have a small web application (IIS4) that will be on my companies intranet. The goal is to prevent users from having to login.
Ideally I would like anyone in my company to have access to this application even if they are not set up on the hosting server. So I set up the application to use Anonymous Authentication.
My application requires that each user be identified by a userid so modifications can be associated with a user. A list of userids is stored in a database. When someone accesses the site I would like to grab their network userid and try to verify that against my application database. If a match is found I can use this userid in my application. If no match is found I can prompt the user to create a new userid in my database or have the user login under a different userid.
My problem is if I use Anonymous Authentication I can't detect a userid. If I use Basic or NT authentication the user has to pass a more complicated login (domain\name and password) and must be setup on the server.
Is there anyway to prevent a login? Additionally, there are other applications on this server so I don't have control over the domain.
thanks,
Brit
