We are attempting to evaluate SiteFinity for use as an internal staff portal. Our required configuration is that all users will authenticate to the site using their domain credentials, but that authorization will still be managed in SiteFinity using SiteFinity roles, not active directory groups. Our test platform for evaluation purposes is a dev box running windows 7 and iis 7.5. We have a clean install with only a templateless home page defined. This page only has the Login Name and Login Status controls on it. The only accounts are the admin account created during installation and an domain account as describe below.
To set up windows authentication, I have followed the directions provided in the developer manual (http://www.sitefinity.com/help/developer-manual/windows-authentication.html
). The document is targeted at IIS6 but the steps easily translate to 7.x. Prior to doing this, while still setup for forms auth, I added a new administrator account to SiteFinity with a user name of "OurDomain\MyLogon". One additional change I had to make in order for this to "work" was to add the traditional <authorization><deny users="?" /></authorization> to the web config. to force the site to send a challenge (401 response) to the browser. With this in place, while the browser is sending back the appropriate credentials in response to the challenge, I continue to receive a 401 response in return. The very odd thing is, without the authorization rule to deny anonymous users, forms authentication continues to work even with <authentication="windows" /> set and all other forms of authentication disabled in IIS.
I have an test web application installed beside the sitefinity application in the same web site. It is configured identically with respects to IIS and file permissions and contains only a default.aspx page and a basic web.config (sets windows auth and denies anon users), The aspx page simply contains <%:System.Threading.Thread.CurrentPrincipal.Identity.Name%> This test site works correctly with windows authentication, so this seems to be an issue internal to the SiteFinity web application.
Can anyone please provide additional guidance?