This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 50%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAA%3C/text%3E%3C/svg%3E)
I have an intranet application written int ASP.net core, when I run this application on localhost, I get a pop window asking me to authenticate and once I enter my domain name\my username and password then it authenticates me and lets me run the application. Basically, I enter my Windows username and password and then I can see the application. Below is the screen of what I am getting:
this is what I tried:
This is what I have in web.config file:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
</location>
<runtime>
</runtime>
</configuration>
Since this is happening in localhost. Below is the screenshot of IIS express settings:
any help will be greatly appreciated.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 78%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBZ%3C/text%3E%3C/svg%3E)
Could you please tell me how you host your application inside the IIS or else? Did you enable the windows authentication inside the program.cs? Like this builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme) .AddNegotiate();
Hi @Brando Zhang-MSFT ,
This is slightly old application so I have stratup.cs in my application. Below is the code of the startup.cs. I also modified my original questions showing my web.config file and IISExpress settings screenshot:
public class Startup
{
public IConfiguration Configuration { get; }
private const string DefaultConnection = "DefaultConnection";
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<AckPackage.Data.AckContext>(options =>
options.UseSqlServer(
Configuration.GetConnectionString(DefaultConnection)));
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
//services.AddAuthentication(options =>
//{
// options.DefaultAuthenticateScheme = IISDefaults.AuthenticationScheme;
// options.DefaultChallengeScheme = IISDefaults.AuthenticationScheme;
//});
services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
.AddNegotiate();
services.AddAuthorization(options =>
{
options.FallbackPolicy = options.DefaultPolicy;
});
services.AddHttpContextAccessor();
services.AddControllersWithViews();
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddDistributedMemoryCache();
services.AddSession(options =>
{
options.IdleTimeout = TimeSpan.FromSeconds(120);
options.Cookie.HttpOnly = true;
options.Cookie.IsEssential = true;
});
services.AddRazorPages();
//services.AddMvc().AddRazorRuntimeCompilation();
services.BindingAppServices(Configuration);
services.Configure<Microsoft.AspNetCore.Http.Features.FormOptions>(x =>
{
x.ValueLengthLimit = int.MaxValue;
x.MultipartBodyLengthLimit = int.MaxValue; // In case of multipart
});
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseSession();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Employee}/{action=Create}/{id?}");
endpoints.MapRazorPages();
});
// app.MapRazorPages();
}
Probably Basic Authentication is enabled and Anonymous Authentication is disabled. If you use IIS or IIS Express check the Authentication settings of the site.
This is in localhost. I havent published the code yet.
This is in localhost. I havent published the code yet.
It does not matter. I understand that you use IIS Express. According to the code of web.config file you added to your question, Windows Authentication is enabled and Anonymous Authentication is disabled. That is why.
Hi @SurferOnWww ,
I added more details in my question. This is only happening in my localhost. I added the web.config file and also, IISExpress settings in my original question.
Hi @SurferOnWww ,
so are you saying, I should disable windows authentication and enable anonymous authentication?
so are you saying, I should disable windows authentication and enable anonymous authentication?
Yes. Please try and let me know the result.
Hi @SurferOnWww ,
This is an intranet application. I cannot enable anonymous authentication.
I don't understand your issue.
Hi @SurferOnWww ,
This application is an intranet application. This is not a public facing application. I am getting employees name from active directory in this application and displaying those names. In order to do that, I need windows authentication.
I still don't understand your issue. Are you saying that the windows authentication is indispensable but user does not want to login every time he accesses the web site? If so and the web server and all users belong to active directory domain environment, why don't use the integrated windows authentication and enable the single sign on?
Hi @SurferOnWww ,
Yes, user does not want to login every time when he access the web site. I am using authentication and have single sign on. Still, I am prompted for those credentials.
It seems to me that the integrated windows authentication is not working properly due to setting issue in your environment. I cannot help.
Hi @Anjali Agarwal,
According to your screenshot, you could find you have enabled the windows authentication inside your application.
You have enabled both using the web.config(IIS express) and your startup.cs.
If you don't want to use windows authentication, you set the web.config as below and remove the related codes inside the startup.cs:
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="true" />
<windowsAuthentication enabled="false" />
</authentication>
</security>
</system.webServer>
</location>
<runtime>
</runtime>
</configuration>
Remove below line:
services.AddAuthentication(NegotiateDefaults.AuthenticationScheme) .AddNegotiate();
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
I want to use windows authetication.
OK, do you mean you still want to use windows auth , but you don't want that popup? If this is your requirement, you need check your edge settings to make sure you have enabled automatically logon with current username and password in internet options.
Hi @Brando Zhang-MSFT ,
The image that you sent me might work, but my networking team is not letting me do this. is there any workaround on the coding side?
Hi @Brando Zhang-MSFT ,
I found the above image settings in control panel. My networking team is saying, I am not allowed to change this settings in control panel. Can I change it in chrome or Edge. Can you show me the screen shot of changing it in chrome or edge.
Yes, you could directly search it inside the edge settings, and select it like below:
Hi @Brando Zhang-MSFT ,
Thanks for your help! I found the setting, but I cannot change it because of my organization's policy. Can I code something in startup.cs or program.cs file so that I am authenticated right away? I pasted my entire startup.cs file in my original question.
Hi @Anjali Agarwal,
This is windows authentication which is based on the system, the .net core is just use it, the only way is what I suggested let the browser auto login in, one possible way is inside the development environment you don't use windows auth and enable it inside the production environment by modifying the web.config or using if (env.IsDevelopment()).
Hi @Brando Zhang-MSFT ,
How can I do the browser auto log in? This is what I have in LaunchSettngs.cs:
{
"profiles": {
"EmployeeRatings": {
"commandName": "Project",
"launchBrowser": true,
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
},
"applicationUrl": "https://localhost:56103;http://localhost:56104"
}
}
}
or how can I alter the web.config file:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<!--
Configure your application settings in appsettings.json. Learn more at http://go.microsoft.com/fwlink/?LinkId=786380
-->
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="false" hostingModel="InProcess">
<environmentVariables>
<environmentVariable name="ASPNETCORE_HTTPS_PORT" value="44310" />
<environmentVariable name="ASPNETCORE_ENVIRONMENT" value="Development" />
</environmentVariables>
</aspNetCore>
</system.webServer>
</configuration>
if you can tell me the exact code. I will go with auto log in. Auto login in web browser will resolve my issue. but not sure how can I do this.
The only way to let you automatically login in windows auth is modifying the edge permission. Modifying the codes couldn't help you automatically login in windows auth. My suggestion is not use windows auth during the development environment, but it seems you must test with it. Please contract your IT admin to allow you modify the edge settings, there is no code could achieve your requirement.