Enabling Windows Authentication from inside Forms Authentication (ASP.NET 2.0)

Discussion in 'ASP .Net Web Controls' started by Michael D. Ober, Oct 25, 2006.

  1. I need the ability to bypass the forms authentication login page when the
    user requesting the protected page is running on our corporate network and
    is also logged into the corporate domain. How do I do this?

    Thanks,
    Mike Ober.
    Michael D. Ober, Oct 25, 2006
    #1
    1. Advertising

  2. Thats not easily doable.

    the easiest way is to provider two application entry points - one for non-domain
    users, and a separate app for domain users that converts the windows account
    details to a forms auth cookie.

    another option is to modify the pipeline and inject some modules that "bypass"
    forms auth - this needs some kind of indicator if windows auth should be
    used or not - like an IP address range for domain users.

    i described both approaches and trade offs in detail here - but feel free
    to ask more questions:

    http://www.microsoft.com/mspress/books/9989.asp

    ---
    Dominick Baier, DevelopMentor
    http://www.leastprivilege.com

    > I need the ability to bypass the forms authentication login page when
    > the user requesting the protected page is running on our corporate
    > network and is also logged into the corporate domain. How do I do
    > this?
    >
    > Thanks,
    > Mike Ober
    Dominick Baier, Oct 25, 2006
    #2
    1. Advertising

  3. Michael D. Ober

    Jeff Dillon Guest

    Jeff Dillon, Oct 25, 2006
    #3
  4. Jeff,

    Thanks for the link.

    Mike Ober.

    "Jeff Dillon" <> wrote in message
    news:OS9qpWI%...
    >
    > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnaspp/html/mixedsecurity.asp
    >
    > "Michael D. Ober" <obermd.@.alum.mit.edu.nospam> wrote in message
    > news:%23X4JEeH%...
    >>I need the ability to bypass the forms authentication login page when the
    >>user requesting the protected page is running on our corporate network and
    >>is also logged into the corporate domain. How do I do this?
    >>
    >> Thanks,
    >> Mike Ober.
    >>
    >>

    >
    >
    Michael D. Ober, Oct 26, 2006
    #4
  5. Michael D. Ober

    Phil H Guest

    Dear Mike

    You don't say whether external users have an internal network account
    but if you opt for Windows authentication in web.config and set
    Directory Security in IIS to "Integrated Windows" and disable
    "Anonymous access" then external visitors will be prompted for a
    username and password. The credentials they supply will be verified by
    a domain controller in the same manner as in internal corporate network
    login.

    Hope that's helpful

    Phil Hall
    Phil H, Oct 29, 2006
    #5
  6. That won't work. My external users must use Forms Authentication because
    they don't have domain accounts (nor am I going to shell out $$$ to M$ for
    web-enabled CALs for them.) I did solve the problem by mimicking the login
    control, however.

    Mike.

    "Phil H" <> wrote in message
    news:...
    > Dear Mike
    >
    > You don't say whether external users have an internal network account
    > but if you opt for Windows authentication in web.config and set
    > Directory Security in IIS to "Integrated Windows" and disable
    > "Anonymous access" then external visitors will be prompted for a
    > username and password. The credentials they supply will be verified by
    > a domain controller in the same manner as in internal corporate network
    > login.
    >
    > Hope that's helpful
    >
    > Phil Hall
    >
    Michael D. Ober, Oct 30, 2006
    #6
  7. Phil,

    Sorry about being curt - it's Monday from Hell here.

    Mike.

    "Michael D. Ober" <obermd.@.alum.mit.edu.nospam> wrote in message
    news:uEM183C$...
    > That won't work. My external users must use Forms Authentication because
    > they don't have domain accounts (nor am I going to shell out $$$ to M$ for
    > web-enabled CALs for them.) I did solve the problem by mimicking the
    > login control, however.
    >
    > Mike.
    >
    > "Phil H" <> wrote in message
    > news:...
    >> Dear Mike
    >>
    >> You don't say whether external users have an internal network account
    >> but if you opt for Windows authentication in web.config and set
    >> Directory Security in IIS to "Integrated Windows" and disable
    >> "Anonymous access" then external visitors will be prompted for a
    >> username and password. The credentials they supply will be verified by
    >> a domain controller in the same manner as in internal corporate network
    >> login.
    >>
    >> Hope that's helpful
    >>
    >> Phil Hall
    >>

    >
    >
    Michael D. Ober, Oct 30, 2006
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?V2FxYXMgUGl0YWZp?=

    Enabling Forms Authentication Stops Button Click Events

    =?Utf-8?B?V2FxYXMgUGl0YWZp?=, Aug 21, 2005, in forum: ASP .Net
    Replies:
    0
    Views:
    340
    =?Utf-8?B?V2FxYXMgUGl0YWZp?=
    Aug 21, 2005
  2. Waqas Pitafi

    Enabling Forms Authentication Stops Button Click Events

    Waqas Pitafi, Aug 21, 2005, in forum: ASP .Net Security
    Replies:
    3
    Views:
    161
    Waqas Pitafi
    Aug 22, 2005
  3. Eric
    Replies:
    2
    Views:
    467
  4. Michael D. Ober
    Replies:
    6
    Views:
    282
    Michael D. Ober
    Oct 30, 2006
  5. Justin Bailey
    Replies:
    5
    Views:
    236
    Mike Woodhouse
    Nov 17, 2006
Loading...

Share This Page