We've got a production and dev versions of the website running on the same IIS (Windows 2003) server. We don't want dev version to be available for everybody outside. But we also don't want to make changes to authentication system or site structure just to change the way users can access it.
S开发者_JAVA百科o, it would be good to have something like windows usenrame/password dialog displayed first time someone tries to load the webpage of dev site. It would make sense if that dialog will accept access credentials of server accounts. After submitting successfully NT username/password, user should be able to load page of dev website.
So, basically we don't want to rework dev application to accept NT username/password for login. We simply want it to be protected and accessible only by persons that have access to the server itself. Any ideas on how this may be done?
I'm going to assume you're using 2.0, although much of the configuration is the same:
http://msdn.microsoft.com/en-us/library/ff647405.aspx
Shouldn't have to make any changes, just configure the application to use windows authentication, deny anonymous users and optionally specify certain groups that are allowed access.
精彩评论