Hi,
Windows Authentication is not working properly for my web application. Below I have given the configuration details. Any help would be greatly appreciated.
* My web application is designed to use windows authentication and allow users access if they belong to a particular AD security group. In my web.config, I specify this by:
<authorization>
<allow roles = "domain\group"/>
<deny users = "?"/>
</authorization>
* My web application resides on a web farm using IIS 7.5. I am using a AD service account for the application pool. I have created an SPN for the app pool identity (domain service account).
* I have updated the ApplicationHost.config file on each of the web farm servers, located at: C:/Windows/System32/inetsrv/config/ApplicationHost.config, with the following:
<windowsAuthentication enabled="true" useKernelMode="true" useAppPoolCredentials="true" />
* I then enable windows authentication on the root of my website (not IIS root).
* I put the following into my code to try to help troubleshoot what is happening: When windows authentication is enabled I get
HttpContext.Current.User.Identity.Name = null
WindowsIdentity.GetCurrent().Name = null
When I disable windows authentication and enable Anonymous I get:
HttpContext.Current.User.Identity.Name = null
WindowsIdentity.GetCurrent().Name = domain\service account (the account that is running the application pool)