What I did so far:
Created the website with this web.config (this is just the settings part, not the entire file :) )
<appSettings>
<add key="webpages:Version" value="3.0.0.0"/>
<add key="webpages:Enabled" value="false"/>
<add key="ClientValidationEnabled" value="true"/>
<add key="UnobtrusiveJavaScriptEnabled" value="true"/>
<add key="autoFormsAuthentication" value="false"/>
<add key="enableSimpleMembership" value="false"/>
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.6.2"/>
<httpRuntime targetFramework="4.6.2"/>
<authentication mode="Windows"></authentication>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
Created a controller:
[Authorize(Users = @"myPcName\myUserName,skynet\Simple")]
public class AuthenController : Controller
{
[Authorize(Users = @"myPcName\myUserName")]
public ActionResult ForAdministrator()
{
return View();
}
[Authorize(Users = @"myPcName\Simple")]
public ActionResult ForUser()
{
return View();
}
}
I got my credentials by : cmd -> whoami
I even added my site to Local intranet in intranet options, and also:
it just keeps prompting me again and again for credentials:
just to try to help anyone who bumps into this question: what I did that solved the problem was: click the project in VS. press F4 to go to properties Set "Anonymus Authentication" as Disabled
in web.config:
<authentication mode="Windows"></authentication>
<authorization>
<allow users="*" />
</authorization>
and in your controller:
[Authorize(Users = @"pcName\user")]
public ActionResult ForAdministrator()
{
return View();
}
// Authorization with windows authentication (user)
[Authorize(Users = @"pcName\user")]
public ActionResult ForUser()
{
return View();
}
where pcName is the name of your pc (not the WORKGROUP!)
In that way you can control who is allowed (since Anonymus Authentication is disabled).
Hope it helps someone. Rotem