Mixing Forms and Windows Securiey

Discussion in 'ASP .Net Security' started by Jerry C, Jun 26, 2006.

  1. Jerry C

    Jerry C Guest

    This is a new post covering two previous posts:

    "Unable to establish secure connection to Server" and "membership and
    redirect of unauthenticated user"

    Thank you for your replys.

    I found a MSDN Library entry by the Title of:
    "Mixing Forms and Windows Security in ASP.NET" by Paul wilson January 2004

    I have tried this code and it seems to sort of work except for several
    problems.
    First it is in C# and I am having trouble transferring it into VB.
    In the line: "this.Request.Cookies[Global.ReturnUrl] == Null" when I change
    it to vb "request.cookies(Global.ReturnUrl) is nothing" the Global.ReturnURl
    does not work. This may be that the code was written in a old version of
    dotnet and I am trying to use it in VS2005. The converter removed the code
    behind from the Global.aspx.

    The other problem is when a non windows user access the winlogin page a
    login popup shows but when I cancel it the correct WebLogin page shows. how
    can I get rid of the popup up



    --
    Jerry
    Jerry C, Jun 26, 2006
    #1
    1. Advertising

  2. Hello Jerry,

    In VS.NET 2003, there is class defined in Global.asax, so that we can use
    Global.ReturnUrl to access a static member of the class. In In VS.NET 2005,
    there is no such class defined in Global.asax. To get around this, we can
    simply use a static or hardcode string instead.

    For question 2, can you check in the IIS security setting, did you use
    windows integrated authentication or Basic authentication?

    Regards,

    Luke Zhang
    Microsoft Online Community Lead

    ==================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    ==================================================

    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)
    Luke Zhang [MSFT], Jun 27, 2006
    #2
    1. Advertising

  3. Jerry C

    Jerry C Guest

    Luke,
    Thanks for your reply. Did you find the code for this article?

    I don’t think I need to fix the Global problem since I am using Membership
    and forms auth. That will redirect the user to the defaultUrl.

    I still am having the popup login box for the user with no credentials they
    should be redirected to the weblogin form without the popup. I can get it to
    work correctly by setting IE tools.internet options. Security. Local
    intranet.custom level.settings to anonymous login. I would like this to work
    for all settings. If the user needs to set up the browser I could just a
    easly tell them to use differet pages one for users with accounts and one
    without.

    I wonder is there is a article that addresses this problem using VS2005,
    forms auth and membership.

    Thanks

    --
    Jerry


    "Luke Zhang [MSFT]" wrote:

    > Hello Jerry,
    >
    > In VS.NET 2003, there is class defined in Global.asax, so that we can use
    > Global.ReturnUrl to access a static member of the class. In In VS.NET 2005,
    > there is no such class defined in Global.asax. To get around this, we can
    > simply use a static or hardcode string instead.
    >
    > For question 2, can you check in the IIS security setting, did you use
    > windows integrated authentication or Basic authentication?
    >
    > Regards,
    >
    > Luke Zhang
    > Microsoft Online Community Lead
    >
    > ==================================================
    > When responding to posts, please "Reply to Group" via your newsreader so
    > that others may learn and benefit from your issue.
    > ==================================================
    >
    > (This posting is provided "AS IS", with no warranties, and confers no
    > rights.)
    >
    >
    Jerry C, Jun 27, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?TVIuIFVOREVSSElMTA==?=

    Mixing secure and unsecure pages with Forms Authentication

    =?Utf-8?B?TVIuIFVOREVSSElMTA==?=, May 27, 2004, in forum: ASP .Net
    Replies:
    4
    Views:
    4,940
    =?Utf-8?B?TVIuIFVOREVSSElMTA==?=
    May 27, 2004
  2. Chuck Bowling

    Mixing ASP.NET with windows forms

    Chuck Bowling, Jul 5, 2005, in forum: ASP .Net
    Replies:
    9
    Views:
    452
    Curt_C [MVP]
    Jul 6, 2005
  3. Replies:
    0
    Views:
    587
  4. SCG
    Replies:
    2
    Views:
    147
  5. Fabio Gouw

    Mixing Windows and Forms Authentication

    Fabio Gouw, Dec 10, 2004, in forum: ASP .Net Security
    Replies:
    3
    Views:
    121
    Hernan de Lahitte
    Dec 10, 2004
Loading...

Share This Page