I am working on an internal project that has to authenticate users based on our directory. Originally this was working with these changes:
Web.Config
<system.web>
<authentication mode="Windows" />
<authorization>
<deny users="?"/>
</authorization>
</system.web>
And in each controller I would add
[Authorize(Roles = @"DOMAIN\Group1, DOMAIN\Group2, DOMAIN\Group3")]
I have windows auth enabled and anon auth disabled in the proj file
Then I got an issue that people in group 2 and 3 couldn't access. In going back to test why this was the issue, it has degraded to the point of not working. It now asks me to log in using the old method, and if enter the correct domain credentials or even the account tied to that it denies access.
The only changes between now and the last test on my end is that our office moved and I had to reset the VM I worked from. On the customer end nothing should have changed.
Here's what I've tried so far and how it's failed:
// In filters.config
filters.Add( new AuthorizeAttribute() { @"DOMAIN\Group1, DOMAIN\Group2, DOMAIN\Group3" });
user = System.Web.HttpContext.Current.User.Identity.Name;
Any advice is appreciated, I've spent 2 days on this so far and can't find anymore articles or previous questions that provide anything new to try. If any code snippets are required to help with finding the issue I can provide.
Looks like it was related to my network connection at the new office. I was disconnected from my domain. Used this bit of code to verify I wasn't in a forest/domain.
Forest forest = Forest.GetCurrentForest()
It threw an error saying I have no current domain.
I'm guessing the error from the other 2 groups not validating is related to the group names but that's a different issue.