I'm developing an ASP.NET MVC application whose access permissions will be managed from the parameters defined for users in Active Directory (AD) .
In order to search for this data from AD I have developed methods that send the UserName of the user (in our case a registration) and returns the complete data (department, full name, etc.). >
Authentication is performed through Windows Authentication , and UserName searches through the following code in the Session_Start method of the Global.asax :
var matricula = (Request.IsLocal && HttpContext.Current.IsDebuggingEnabled) ? Environment.UserName : User.Identity.Name.Split('\')[1];
My web.config is configured as follows:
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>
</system.web>
The point is that even using Windows Authentication the system opens a browser-generated authentication form in which the user enters their user and password for re-authentication to occur. company network.
Note: In the company we basically use Mozilla Firefox and IE (Chrome is used in only a few units / branches). We need the authentication rule for both browsers. The tests I did were on Firefox .
However, considering whether you are dealing with an application on the company intranet, the business rules and the fact that the user has already logged in to the station and is authenticated in the domain of the company, authentication should not be necessary.
Considering this situation, I ask for help to clarify if there is any configuration error in the project that is causing this sporadic opening of the browser authentication form or if there is a lack of configuration.
