possible to authentificate in both mode together: windows and forms?

Discussion in 'ASP .Net' started by Chris, Oct 9, 2007.

  1. Chris

    Chris Guest

    Hi,

    we run a webapplication where users must log in. So the web.config contains:
    <authentication mode="Forms"/> and IIS is set to Anonymous authentification.

    Now we want the same application to run inside our intranet. In this case,
    windows authentification must be used, avoiding to have to log a second
    time.

    Is it possible to put together in web.config both
    <authentication mode="Forms"/>
    and
    <authentication mode="Windows"/>?

    Also, ist it allowed in IIS to take two authentification modes together
    (Anonymous and Windows Integrated auth.)?

    thanks
    chris
    Chris, Oct 9, 2007
    #1
    1. Advertising

  2. RE: possible to authentificate in both mode together: windows and for

    Web.config both modes - NO
    IIS - Yes




    "Chris" wrote:

    > Hi,
    >
    > we run a webapplication where users must log in. So the web.config contains:
    > <authentication mode="Forms"/> and IIS is set to Anonymous authentification.
    >
    > Now we want the same application to run inside our intranet. In this case,
    > windows authentification must be used, avoiding to have to log a second
    > time.
    >
    > Is it possible to put together in web.config both
    > <authentication mode="Forms"/>
    > and
    > <authentication mode="Windows"/>?
    >
    > Also, ist it allowed in IIS to take two authentification modes together
    > (Anonymous and Windows Integrated auth.)?
    >
    > thanks
    > chris
    >
    >
    >
    =?Utf-8?B?SmF5IFBvbmR5?=, Oct 9, 2007
    #2
    1. Advertising

  3. Chris

    bruce barker Guest

    Re: possible to authentificate in both mode together: windows andforms?

    there is no built-in support for this. the easiest is two vdirs with the
    same code.

    otherwise, setup the vdir with windows authentication and anonymous
    access in iis and set forms authentication in web.config. in the login
    page, check the incoming ipaddress to see if its an intranet address. if
    it is, check for a windows identity. if none, then return a 401
    response. if you have an identity fill in the cookie authentication
    token and perform the redirect.

    you should read the doc on forms autheication becuase you want to
    control the logic.

    -- bruce (sqlwork.com)

    Chris wrote:
    > Hi,
    >
    > we run a webapplication where users must log in. So the web.config contains:
    > <authentication mode="Forms"/> and IIS is set to Anonymous authentification.
    >
    > Now we want the same application to run inside our intranet. In this case,
    > windows authentification must be used, avoiding to have to log a second
    > time.
    >
    > Is it possible to put together in web.config both
    > <authentication mode="Forms"/>
    > and
    > <authentication mode="Windows"/>?
    >
    > Also, ist it allowed in IIS to take two authentification modes together
    > (Anonymous and Windows Integrated auth.)?
    >
    > thanks
    > chris
    >
    >
    bruce barker, Oct 10, 2007
    #3
  4. Chris

    Chris Guest

    thanks

    "bruce barker" <> schreef in bericht
    news:...
    > there is no built-in support for this. the easiest is two vdirs with the
    > same code.
    >
    > otherwise, setup the vdir with windows authentication and anonymous access
    > in iis and set forms authentication in web.config. in the login page,
    > check the incoming ipaddress to see if its an intranet address. if it is,
    > check for a windows identity. if none, then return a 401 response. if you
    > have an identity fill in the cookie authentication token and perform the
    > redirect.
    >
    > you should read the doc on forms autheication becuase you want to control
    > the logic.
    >
    > -- bruce (sqlwork.com)
    >
    > Chris wrote:
    >> Hi,
    >>
    >> we run a webapplication where users must log in. So the web.config
    >> contains:
    >> <authentication mode="Forms"/> and IIS is set to Anonymous
    >> authentification.
    >>
    >> Now we want the same application to run inside our intranet. In this
    >> case, windows authentification must be used, avoiding to have to log a
    >> second time.
    >>
    >> Is it possible to put together in web.config both
    >> <authentication mode="Forms"/>
    >> and
    >> <authentication mode="Windows"/>?
    >>
    >> Also, ist it allowed in IIS to take two authentification modes together
    >> (Anonymous and Windows Integrated auth.)?
    >>
    >> thanks
    >> chris
    >>
    Chris, Oct 10, 2007
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Matt Adamson
    Replies:
    0
    Views:
    295
    Matt Adamson
    Mar 1, 2007
  2. Matt Adamson

    Using both forms and windows authentication together

    Matt Adamson, Mar 1, 2007, in forum: ASP .Net Security
    Replies:
    6
    Views:
    232
    Matt Adamson
    Mar 2, 2007
  3. Jonas S.

    Forcing to authentificate every tiome

    Jonas S., Apr 11, 2004, in forum: ASP General
    Replies:
    3
    Views:
    158
    Aaron Bertrand [MVP]
    Apr 11, 2004
  4. Replies:
    1
    Views:
    556
  5. Replies:
    1
    Views:
    417
    Roedy Green
    Aug 29, 2012
Loading...

Share This Page