New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to authenticate using node-sspi and IIS #95
Comments
Think I may have found the solution to the issue I was having, so adding my solution in case anyone else has the same issue(s). By default in IIS, "Anonymous Authentication" is enabled, and "ASP.NET Impersonation" and "Windows Authentication" are disabled. Anyway, hopefully this will help anyone else having the same issue. |
@mlaposta Any chance you can post an example and a screenshot of your IIS Auth settings / code that works. I am trying to do the exact same thing for a new project and I can't authenticate the window just keeps repeating asking for username and password. I am working off the example here: My settings look like this: app.use(function (req, res, next) { I ONLY have Windows Authentication enabled on IIS. Any Thoughts? |
So first off, in the nodeSSPIObj, you are disabling both authentications ... you would need at least one enabled. What I did was set offerBasic to true and offerSSPI to false, and in IIS, keep Windows Authentication disabled, and Anonymous Authentication enabled. When you enable Windows Authentication in IIS, IIS takes over the authentication flow. So technically, with only IIS and IISNode you could handle all of the authentication without the need for nodeSSPI ... however that setup would lack some customization abilities. To recap, what worked for me was:
And in IIS, "Anonymous Authentication" enabled, "Windows Authentication" disabled. Hope that helps! |
This seems to have been an issue for quite a while, yet I have not been able to figure out how to fix this.
My setup:
If I run my node app using node-sspi to authenticate, run from the command line, the authentication works perfectly as expected.
As soon as I try to run the app from IIS however, the user credentials pop-up always pops up in the browser, but no matter what is entered will never authenticate.
This has been mentioned in other threads, including #tjanczuk#658 on tjanczuk's github, but no solution that I can see.
I've been trying for weeks to get this working, including the solutions mentioned in this stackoverflow thread but nothing seems to resolve this issue.
It seems IIS is prompting for credentials when the static files are requested via express.static, but I'd assume other scenarios produce the same 401 issues.
Is there any fix for this?
The text was updated successfully, but these errors were encountered: