I have a web portal for employees to update their data. People log in there with Active Directory credentials, and I set an OWIN cookie for authentication. All this is done on the MVC login page, which is not related to Windows authentication in IIS.
Now the company’s browser is Internet Explorer and is configured to automatically log in to other Windows authentication sites without asking for a password. This happens when people use the company’s PC and register with their domain accounts. And if they work from home, a Basic Authentication request requests credentials on these systems.
Now I would like to implement automatic authentication when users register in their Windows accounts from work PCs and are present on the login page if they work from home.
I know about 401 errors and authentication, but I never started with this through ASP.Net. I have seen solutions where the user is redirected to a page where IIS is configured for Windows authentication, but I want this to be done without IIS configuration. I also remember that I saw someone mention a solution where the page loads in the <iframe> , where basic authentication is checked, and if authentication was successful, then redirect the already authenticated user to the destination page.
So, my question boils down to the following: Is there a way to initiate (and end) a 401 call for basic authentication with a specific controller action? And then connect to the Controller.User.Identity property to set the OWIN cookie?
UPD: According to the comments: I want Kerberos (Windows Authentication) to work when users are on the domain network, so they are automatically logged in. But I do not want Windows authentication to occur when users are not on the domain network, instead I want the user login page with the password settings to be reset and logged in (taking into account employee verification).
source share