IIS authentication
this code provides a username/password of username/domain to be used on MS IIS to authenticate users. This code don't ivolve any authentication algorythm - it uses basic or Windows authentication made by IIS server. I didn't saw any such code here. This code is only an example, but you can modify it as you wish.
Inputs
no input parameters, therefore IIS supplies authentication method and algorythm.
Assumes
The reason i wrote this code without any auth mechanizm is that in my opinion, developer should focus on systems development, and authentication should be left for operating systems - it much more secure, than authenticating on your own, but involves user registration in local/global users database. But if you don't want this user to login interactively, restrict the user "logon to" and add a IIS workstation/server name - this will eliminate the possibility for user to login remotely and access any resources on your computer. Actually this code is usefull in corporate-wide environment, when local employees, nedds an access to some WEB interface, but using this they will don't need to enter any username/password as the IE will do it automatically in "intranet" zone, and when working remotely, they will be prompted for username/password/domain. You must enable basic and Windows integrated authentication to let IIS authenticate user against Windows user database/Active Directory.
Returns
domain\username in case of negotiate authentication
and
username:password in case of basic auth. but you really don't need any passwords, because if your code is being run, thats mean IIS already authenticated a user against domain/computer.
Side Effects
actually no any, except the code will not provide a password in negotiate auth.
(2(2 Vote))