Geeks With Blogs
Developers Friendly

When we are building any intranet web application, it is always better go with windows authentication in order to authenticate user against AD(Active Directory). With windows authentication enabled its very easy to authenticate and authorize user.

To enable Windows Authentication in Asp.Net web application below changes need to be done:

Set authentication mode to “Windows” and impersonate to “True” in web.config file under <system.web> node

Or the same can be done in IIS. For that, select web application from the list and for the selected application in right panel select “Authentication” option.


Under “Authentication” enable “Impersonation” and “Windows Authentication”

Once, windows authentication is enabled then we need to use it in code for authentication and authorization purpose.

For Authentication:

//Obtain the authenticated user's Windows token.

IIdentity WinId = HttpContext.Current.User.Identity;

//To get LoggedIn user details

WindowsIdentity identity = HttpContext.Current.Request.LogonUserIdentity;

//Sets Machine logged-in username to private variable

_userName = identity.Name;

//Returns "True" if user is validated against AD else returns "False".
                return identity.IsAuthenticated;

For Authorization:

//Can perform role-based authorization in code either by performing explicit role checks (User.IsInRole or Roles.IsUserInRole), or by using PrincipalPermission demands.

//Ways to perform role based authorization


var user = (WindowsPrincipal)User;
if (user.IsInRole(WindowsBuiltInRole.Administrator))
    //user is an administrator

Windows provides set of built-in roles for authorization

Complete Implementation:

Hope this helps.


Posted on Tuesday, September 23, 2014 12:57 AM .NET , HTML , IIS | Back to top

Comments on this post: Windows Authentication in Asp.Net Web Application

# re: Windows Authentication in Asp.Net Web Application
Requesting Gravatar...
I already have a website with form authentication. This is bought from a vendor so if i ask them to change it to windows authentication again there will be a charge for that. Is there a way I can implement windows authentication over the existing website.

Left by Krishna on Jul 28, 2015 5:57 PM

# re: Windows Authentication in Asp.Net Web Application
Requesting Gravatar...
Hi Krishna,
If you could specify who is handling deployment and code base we can think of something. If you are handling deployment then we can simply follow the steps in this post that should do the job.
Left by Manjunath on Jul 30, 2015 9:53 AM

Your comment:
 (will show your gravatar)

Copyright © Manjunath K | Powered by: