I've seen this on the internet, it looks like what I want but it has not been answered:
Similar :
"Good, I have a web application made with ASP.NET and C #. The application will be deployed in an IIS 7. This application can access people from the intranet and from outside, from the internet.
Initially, I had the form authentication implemented, and every user that connects to the web is redirected to the login.aspx page.
So far so good.
Now I want to make the intranet part of the domain server, so if a user of the domain comes in, do not ask anything, neither username nor password nor redirect to the login page, assuming that the user is already logado. Actually what I'm going to do is not validate it through the AD of the server, but I'll take the name of the user and check my database if that user has permission or not.
My problem is that if I disable the anonymous authentication in iis7 and I put it in Windows authentication so that it takes the user that was logged in the machine, when I access the Web page, I get a dialog box to insert the user and password, and it does not detect the windows user who logged in. It forces me to always insert a username and password, which if it's correct, shows me the page.
I want to know if the user who accesses the web belongs to the domain, if it is to take the user and validate it against my database and if it is not from the domain, send it to the login.aspx page and log in if has user / pass. "
Response partial:
I can do the following in the explorer:
tools / Internet options / security / custom level / User Authentication / Logon and activate Automatic login with current user name and password. It works Perfect!
It works exactly as I want but the problem is that I can not do this on all computers and not all have the windows explorer browser. Even more the application is distributed on the internet and I can not manipulate this. Then:
Question: Environment: ASP, IIS, LDAP, Internet
Instead of using a login window, I want to read the user already logged in to a domain.
I have tried to read the user with my application but my application runs on a web server and the user of that server reads it and not the local user of the browser.
In other words: If the user already logged in on windows, I do not want him to log in again on the web server, I do not really want him to take the domain or the user, I want him to read me the groups he belongs to or that I compare the group of the web server with the group that the user has in the domain to see what tasks the user could do.