Enabling Windows Authentication

  • Setting web app
    • Buka IIS, pilih web app yang akan diubah agar menggunakan Windows Authentication
    • Pada bagian “IIS”, pilih “Authentication”
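    • Ubah “Windows Authentication” menjadi “Enabled” (catatan: selama “Anonymous Authentication” masih “Enabled”, request tetap bisa masuk tanpa identitas Windows, sehingga cabang “not authenticated” pada kode di bawah tetap dapat terjadi)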
      • Jika tidak ada pilihan Windows Authentication, install dulu melalui:
        • Turn Windows feature on or off (untuk Windows Server, melalui Server Manager)
        • Buka Internet Information Services > World Wide Web Services > Security
        • Ceklis “Windows Authentication”
        • Jika tidak ada pilihan “Windows Authentication”
          • Windows 10
            • Buka windows explorer, lihat folder “%SystemRoot%\servicing\Packages\”
            • Cari file yang namanya diawali “Microsoft-Windows-IIS-WebServer-AddOn-2-Package~31bf3856ad364e35~amd64~~”, dengan extension “mum”
            • Buka command prompt
            • Ketik “dism /online /norestart /add-package:%SystemRoot%\servicing\Packages\Microsoft-Windows-IIS-WebServer-AddOn-2-Package~31bf3856ad364e35~amd64~~__________________.mum”, angka sebelum .mum disesuaikan dengan file yang ada di folder, lalu enter
          • Windows Server
            • Buka Server Manager
              • Manage > Add Roles and Features > Server Roles > Web Server (IIS) > Web Server > Security
            • Lalu ceklis “Windows Authentication”
  • Ubah kode Global.asax.cs
// Application principals that have already been built, keyed by the user name passed to InitUser.
// Static, so the same dictionary is shared by all requests rather than created per request.
// NOTE(review): Dictionary<TKey, TValue> is not safe for concurrent writers — confirm that every
// access is serialised, since web requests are normally handled on several threads.
private static Dictionary<string, Principal> _principals = new  Dictionary<string, Principal>();
        // Initialised once, when the type is loaded. A single value for the whole class,
        // not one value per cached user.
        // NOTE(review): DateTime.Now is local time and jumps on daylight-saving changes;
        // DateTime.UtcNow is the usual choice when the value is used to measure elapsed time.
        private static DateTime _timestamp = DateTime.Now;

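        /// <summary>
        /// Handles the PreRequestHandlerExecute application event. When the current thread's
        /// identity is authenticated, passes the account name (domain prefix removed) to
        /// <c>InitUser</c>; otherwise does nothing.
        /// </summary>
        /// <param name="sender">Event source; not used.</param>
        /// <param name="e">Event data; not used.</param>
        protected void Application_PreRequestHandlerExecute(object sender,  EventArgs e)
        {
            Principal winPrincipal = new Principal(Thread.CurrentPrincipal.Identity);

            // Not authenticated as a Windows user: leave the request's principal untouched.
            // Checked first so that the name of an unauthenticated identity is never parsed.
            if (!winPrincipal.Identity.IsAuthenticated)
            {
                return;
            }

            // Only the account name is used; the domain part is ignored.
            // If the same account name exists in different domains and maps to different users
            // in the database, keep the domain in the key and strip it only for display.
            // NOTE(review): as written, DOMAIN_A\name, DOMAIN_B\name and a local MACHINE\name
            // all resolve to the same application user and the same cached principal.
            var username = winPrincipal.Identity.Name.Split('\\').Last();

            // An empty account name cannot identify a user, so it is treated like the
            // unauthenticated case instead of being looked up.
            if (string.IsNullOrEmpty(username))
            {
                return;
            }

            InitUser(username);
        }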

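        // Guards _principals and _principalRefreshedAt. Requests are handled on several threads
        // and Dictionary<TKey, TValue> must not be written to concurrently.
        private static readonly object _principalCacheLock = new object();

        // Time (UTC) at which each cached principal was built, keyed like _principals.
        // Kept per user so that one user's refresh does not postpone another user's expiry.
        private static readonly Dictionary<string, DateTime> _principalRefreshedAt = new Dictionary<string, DateTime>();

        /// <summary>
        /// Sets <c>Context.User</c> to the application principal for <paramref name="username"/>.
        /// The principal is taken from the static cache when it was built at most 30 seconds ago;
        /// otherwise it is rebuilt from the membership and role providers and cached again.
        /// </summary>
        /// <param name="username">Account name used as cache key and for the membership and role lookups.</param>
        /// <remarks>
        /// Best effort: an error while loading the user is logged and the request continues with
        /// the principal it already had.
        /// NOTE(review): confirm that downstream authorization denies a request whose principal
        /// was not replaced here, otherwise a provider failure fails open.
        /// </remarks>
        private void InitUser(string username)
        {
            try
            {
                Principal principal;
                DateTime refreshedAt;
                bool isFresh;

                // Short lock: only the cache lookup, never the provider calls below.
                lock (_principalCacheLock)
                {
                    isFresh = _principals.TryGetValue(username, out principal)
                        && _principalRefreshedAt.TryGetValue(username, out refreshedAt)
                        && DateTime.UtcNow.Subtract(refreshedAt).TotalSeconds <= 30;
                }

                if (!isFresh)
                {
                    // No principal yet for this user, or the cached one is older than 30 seconds.
                    Principal.Param param = new Principal.Param();
                    IMembershipService membershipService = new MembershipService(Membership.Provider);
                    string[] roles = Roles.GetRolesForUser(username);
                    // NOTE(review): "modules" is not declared in this method and its value is not
                    // used below (param.Modules is set to an empty list) — confirm the intent.
                    modules = ModuleAction.GetModuleActionForUser(username);

                    // NOTE(review): the identity of the request that builds the principal is
                    // stored in the cached object and reused by later requests for this key.
                    param.Identity = User.Identity;
                    param.User = membershipService.GetUser(username);
                    param.Roles = roles.ToList();
                    param.Modules = new List<ModuleAction>();

                    principal = new Principal(param);

                    lock (_principalCacheLock)
                    {
                        _principals[username] = principal;
                        _principalRefreshedAt[username] = DateTime.UtcNow;
                        // Still updated so that any other reader of this field sees the same value as before.
                        _timestamp = DateTime.Now;
                    }
                }

                if (principal == null)
                {
                    // Defensive: never continue without an application principal.
                    HttpContext.Current.Response.Redirect("~/Error/AccessDenied", true);
                    return;
                }

                Context.User = principal;
            }
            catch (System.Threading.ThreadAbortException)
            {
                // Raised by Response.Redirect(url, true) to end the response; not a failure.
                throw;
            }
            catch (Exception ex) // timeout or any other error while loading the user
            {
                // Record the failure instead of discarding it; the request itself is not interrupted.
                System.Diagnostics.Trace.TraceError("InitUser failed for user '{0}': {1}", username, ex);
            }
        }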

Kenji Prahyudi has written 7 articles
