Search code examples
c#windows-authenticationasp.net-core-3.1

Windows authentication auto login in .net core API

I want to do auto login to .net core API using windows authentication.

I have enabled windows authentication and rest all authentication is kept disabled. now I am trying to run the API. its prompt popup for enter the credentials for login.

I do not want any popup which asks users to enter login details. its should auto authenticate using the current login user. however, if I enter login details in that popup, still it's not getting authenticate, it keep asking me to enter the credentials.

Tried approach:

  • In IIS, application pool's identity set custom account, (current login account which is administrator)
  • Enable Anonymous authentication along with windows authentication. (when I do this then API does not give popup for login but its give null object for User.Identity.Name)

Reference: I have implemented windows authentication by referring to this article

Note: When I run API from visual studio (IIS Express) its works fine, but when I host API to local IIS, then I am facing a challenge as I described above

Solution

  • You have to whitelist a domain specified in the hosts file in order for windows authentication to work:

    1. Click Start, click Run, type regedit, and then click OK.
    2. In Registry Editor, locate the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
    3. Right-click Parameters, click New, and then click DWORD (32-bit) Value.
    4. Type DisableStrictNameChecking and press ENTER.
    5. Double-click the DisableStrictNameChecking registry value and type 1 in the Value data box, click OK
    6. In Registry Editor, locate and then click the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
    7. Right-click MSV1_0, point to New, and then click Multi-String Value.
    8. Type BackConnectionHostNames, and then press ENTER.
    9. Right-click BackConnectionHostNames, and then click Modify.
    10. In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
    11. Quit Registry Editor, and then restart the IISAdmin service.