Windows authentication

For on-prem installations it is possible to enable Single-Sign-In (SSO) with Windows authentication. When this is enabled users no longer have to sign in with their username and password, but will instead be automatically authenticated with their Windows credentials.

Configuration

The following settings are required for Weavy to use Window authentication.

Web server

The web server where Weavy is installed must be a member of the same Active Directory domain as the users, and the IIS website must be configured with the following settings:

Anonymous Authentication = Disabled
Forms Authentication = Disabled
Windows Authentication = Enabled

Web.config

The web.config file should have the following configuration:

<system.web>
    <authentication mode="Windows" />
</system.web>

Known issues

If your users get prompted for username and password after enabling Windows authentication it is likely because Windows thinks the Weavy website is in the "Internet" zone.

To resolve this you need to add the fully qualified domain name (FQDN) to IE's "Intranet" security zone. See http://support.microsoft.com/kb/303650.