Problems setting up windows authentication.
We are attempting to evaluate SiteFinity for use as an internal staff portal. Our required configuration is that all users will authenticate to the site using their domain credentials, but that authorization will still be managed in SiteFinity using SiteFinity roles, not active directory groups. Our test platform for evaluation purposes is a dev box running windows 7 and iis 7.5. We have a clean install with only a templateless home page defined. This page only has the Login Name and Login Status controls on it. The only accounts are the admin account created during installation and an domain account as describe below.
To set up windows authentication, I have followed the directions provided in the developer manual (http://www.sitefinity.com/help/developer-manual/windows-authentication.html). The document is targeted at IIS6 but the steps easily translate to 7.x. Prior to doing this, while still setup for forms auth, I added a new administrator account to SiteFinity with a user name of "OurDomain\MyLogon". One additional change I had to make in order for this to "work" was to add the traditional <authorization><deny users="?" /></authorization> to the web config. to force the site to send a challenge (401 response) to the browser. With this in place, while the browser is sending back the appropriate credentials in response to the challenge, I continue to receive a 401 response in return. The very odd thing is, without the authorization rule to deny anonymous users, forms authentication continues to work even with <authentication="windows" /> set and all other forms of authentication disabled in IIS.
I have an test web application installed beside the sitefinity application in the same web site. It is configured identically with respects to IIS and file permissions and contains only a default.aspx page and a basic web.config (sets windows auth and denies anon users), The aspx page simply contains <%:System.Threading.Thread.CurrentPrincipal.Identity.Name%> This test site works correctly with windows authentication, so this seems to be an issue internal to the SiteFinity web application.
Can anyone please provide additional guidance?
Hello Ken,
We do not support Windows authentication right now. We are going to implement it as soon as possible We support Active Directory authentication , but the user should provide their credentials for now. If you want to secure the public pages you could do it through permissions.
The link to the documentation which you provide is for SF 3.x. The documentation for SF4 is located here :
Documentation For SF 4.0
Best wishes,
Teodor
the Telerik team
Can you give us some indication as to when Windows authentication will be supported?
Hello Chris,
Windows Authentication will be supported in the Q1 official release due next week on 13th April.
Please, check our web site for announcement of this release.
All the best,
Kalina
the Telerik team
@Ken: GOOD LUCK - I resignated just now .....
http://www.sitefinity.com/devnet/forums/sitefinity-4-x/bugs-issues/problems-with-restricted-page-access-for-special-users-and-their-roles.aspx
Regards, Robert