I have an ASP site that I want to password protect for a few users (about 10). I want to use Windows Authentication, but I don't want to use the built in generic pop up login box. I want to use a web form to collect their login credentials. I haven't had any success in finding code that allows me to do this. I will be using the Request.ServerVariables("remote_user") to show their username on the site. Do you know how I can bypass the Windows Authentication login form and use my own custom web form for authentication with Windows?
Thanks
ANSWER: Hi,
To get the users windows login id you would have to set Windows integrated Authentication on the page or the directory you are trying to protect. The only time a user would be prompted for a username or password is if the user was coming from another domain or wasn't logged in.
Unfortunately there is no way around this, if I understand the question correctly. Are all the users logged on to the same domain?
Thanks
---------- FOLLOW-UP ----------
QUESTION: Hi,
There are several devices on the market like SonicWall that have their own login form, but pass it through to Windows for authentication. How do they do it?
Thanks
ANSWER: Ok,
Are your users logging on to the network?
You can try and bind directly to active directory. I did this recently to allow employees to update the contact details on the exchange server. I won't recommend you research LDAP, this will help your alot.
Can you give me details of your network setup?
---------- FOLLOW-UP ----------
QUESTION: The users all work from home. We currently use a VPN box like a SonicWall that they log into which logs them into the network, then they are redirected to the intranet site where they can do their work.
The problem we are having is we want to be able to log all changes with the username. The Request.ServerVariables("REMOTE_USER") and Request.ServerVariables("LOGON_USER") don't report the username because the site is currently set up for anonymous browsing (it can't be accessed without going through the VPN device, so it is secure). If I turn off "Enable anonymous access", then a Windows authentication box pops up and my boss doesn't want two logons. The site uses an SSL certificate, so I would like to eliminate the VPN box as we are having problems with it on another application anyway and create my own logon screen that authenticates using Windows avoiding the Windows pop up logon box.
I figured I would have to use something with LDAP, but wasn't sure where to start.
Any help would be greatly appreciated.
Thanks
Answer Ok, when they logon to the network, do they use the Remote Desktop to browse and work from home on? If you turn Enable anonymous access, IIS doesn't know who you are and where your coming from, hence the login. Have you tried enabling Windows integrated Authentication. This is the only way to get the users username ie domainname\username.
