When does ASP.NET authentication occur?

I have an application where I display every Active Directory group that the current user belongs to. When I have my config setup like this:

    <authentication mode="Windows"/>
    <authorization>
        <deny users="?"/>
        <allow users="*"/>
    </authorization>

It works fine. When it's like this:

    <authentication mode="Windows"/>
    <authorization>
        <!--<deny users="?"/>-->
        <allow users="*"/>
    </authorization>

No groups are found. Why does this make a difference? Does asp.net only authenticate if we are specifically denying access to unauthenticated users?

If it helps this is how i'm getting the groups:

    protected string GetUserGroups()
    {
        StringBuilder userGroups = new StringBuilder();
        ArrayList groupMembers = new ArrayList();
        DirectoryEntry root = new DirectoryEntry("LDAP://myldap/DC=nc,DC=local");
        DirectorySearcher ds = new DirectorySearcher(root);
        ds.Filter = String.Format("(&(samaccountname={0})(objectClass=person))", User.Identity.Name.Substring(User.Identity.Name.LastIndexOf(@"\") + 1));
        ds.PropertiesToLoad.Add("memberof");
        try
        {
            foreach (SearchResult sr in ds.FindAll())
            {
                foreach (string str in sr.Properties["memberof"])
                {
                    string str2 = str.Substring(str.IndexOf("=") + 1, str.IndexOf(",") - str.IndexOf("=") - 1);
                    groupMembers.Add(str2);
                }
            }
        }
        catch
        {
            //ignore if any properties found in AD  
        }
        return String.Join("|", (string[])groupMembers.ToArray(typeof(string)));
    }

Answers


I may be wrong, but I believe this is how it works:

The first time a browser hits a site it does so as anonymous.

If the server says that anonymous isn't allowed, the browser then sends the users windows credentials.

If those credentials don't pass muster, then the browser pops up the login box or (depending on the application) sends them over to a login page.

So, because your site allows anonymous, all of the users are coming in that way.


Need Your Help

How to make an transparent element overlap other elements?

css transparency

I am trying to create an element which has the same color as the background (even if the background has multiple colors) but it still overlaps some elements.

Is there anyway to have an HTML variable like this?

html variables

I am working in a webpage where client scripting is not allowed. This webpage uses a very huge verbose tag in the shape of:

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.