amazon-web-servicesiis-7.5windows-authenticationaws-application-load-balanceraws-alb

Windows authentication does not work behind AWS Application Load Balancer


I have an ASP .NET WCF service web that uses Windows Authentication. After deploying the web service to the server (Windows Server 2012) and enabling Windows Authentication on IIS, I visit the page using localhost going directly to the server. It prompts for credentials, I provide my AD username/password once and it works.

Now, if I have the same server behind an AWS Application Load Balancer and I hit the DNS of the webservice which is mapped to the app load balancer then noticed an issue here.

The window pops up for entering Windows credentials. But when I enter correct credentials it doesn't take them. It repeatedly prompts for user/password? What's happening? ALB doesn't support AD integrated auth for IIS?

Any ideas?


Solution

  • There seems to be a workaround for this solution in AWS Application Load Balancer. You need to enable sticky sessions in your ALB settings. I tried this and now I don't get the repeated windows auth pop up prompting repeatedly for user name and password for windows auth enabled web application. But this quick fix may not help for stateless applications.