Allow login to app using IIS only for some usersRSS

3 replies

Last post Sep 16, 2020 03:26 AM by Jalpa Panchal

  • Allow login to app using IIS only for some users

    Sep 12, 2020 11:07 PM|Susja|LINK

    I have an app, e.g. SL. It's running on Web Server 2016 using IIS 10.0. SL has it's own authentication method. I don't want that any user with SL account be able to login. I want only those accounts that have Windows Authentication. I have ca My goal: 1. create account for SL for a few users 2. enable Windows Authentication in IIS 3. list those users in IIS My expectation: only users listed in IIS will be able to login into SL I prefer not to change web.config directly. In case it's the only option ... how should I modify it? I added to web.config element But I've got 404 Error. What I did wrong? Thanks P.S. Since modifying web.config did not work for me I tried another approach. 1. I created a user on app SL e.g. user1 2. I changed Authentication in IIS and set it for 'Windows Authentication" enabled 3. I went to security Tab of directory where my site is located e.g. C:\inetpub\wwwroot\app and added user e.g. win_user01 and granted read, list folders and execute permission. Is my expectation of workflow correct: 1. user win_user01 is a valid user of our network hence when he'll login into his client 'Windows Authentication" will be in place. Next .. he'll start the browser e.g. Chrome and tries to connect to SL app. He will have to provide user1 creds and be able to login. My assumption is: if win_user01 wouldn't be granted access to 'directory 'he would fail to login. Is it correct? In other words … only users that are added to directory and granted permission will be able to login into application. Is it correct? Thanks
  • Re: Allow login to app using IIS only for some users

    Sep 15, 2020 08:32 AM|Jalpa Panchal|LINK

    Hi,

    You could use the below authorization rule in your site or application.

    <authorization>
        <allow users="user1, user2"/>
        <deny users="?"/>
    </authorization>

    Make sure you enabled windows authentication and others are disabled.

    if you still face issue then you could enable failed request tracing in iis and troubleshoot the issue.

    https://docs.microsoft.com/en-us/iis/troubleshoot/using-failed-request-tracing/troubleshooting-failed-requests-using-tracing-in-iis

    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue.
    If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.
  • Re: Allow login to app using IIS only for some users

    Sep 16, 2020 02:11 AM|Susja|LINK

    I tried to add this block to web.config at this location: C:\inetpub\wwwroot\STARLIMS11.StarLIMS_Test\web.config

    I added:

    <security>
    			<requestFiltering>
    				<requestLimits maxQueryString="20480" maxUrl="20480"/>
    			</requestFiltering>
    			<authorization>
        				<allow users="vhabhsuser1, vhabhsuser2"/>
        				<deny users="?"/>
    			</authorization>
    		</security>
    	</system.webServer>
    </configuration>

    When I tried to resolve url ... I've got 404 Error.

    Sounds that I inserted it 'wrong' place or file.

    Any advice?

    Thanks

  • Re: Allow login to app using IIS only for some users

    Sep 16, 2020 03:26 AM|Jalpa Panchal|LINK

    look like your folder is missing. first, make sure that the mentioned URL folder is available under the default site. check the IIS logs for the sub status code or you could run the failed request tracing to get more detail.

    https://docs.microsoft.com/en-us/iis/troubleshoot/using-failed-request-tracing/troubleshooting-failed-requests-using-tracing-in-iis

    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue.
    If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.