AnsweredAssumed Answered

PIWebAPI Kerberos/Basic Authentication

Question asked by neilg on Jul 18, 2016
Latest reply on Aug 8, 2016 by Marcos Vainer Loeff

Hello,

 

I have a web application which makes calls to PIWebAPI. It is used in an intranet environment and PIWebAPI is configured as "AuthenticationMethods=Kerberos" which works well.

 

There is a need to run the web application from a mobile device which is not domain aware (but VPN connected). When PIWebAPI is setup to "AuthenticationMethods=Basic", the password prompt comes up and I am able to enter my user name and password and access PIWebAPI from the mobile device.

 

However, this causes the password prompt to come up on domain aware devices as well which is less than ideal. I have tried with "AuthenticationMethods=Kerberos and Basic" but the password prompt always comes up on domain aware and non domain aware devices.

 

Question is, is there a way to fall back on Kerberos on a Domain Aware device and to Basic on a non-domain aware device so that domain connected users are not unnecessarily prompted for their username and password? I am open to code suggestions if it is possible at all. The stack I am working with is ASP.NET MVC, JavaScript.

 

Thanks for any pointers in advance.

Outcomes