Redirecting anon users - Forms or Windows Authentication

Discussion in 'ASP .Net Security' started by ar, Aug 3, 2004.

  1. ar

    ar Guest

    I have an Intranet site that I'm trying to work out some authentication issues on. Eventually, I want all of our domain users to add the url for the site into their 'Local Intranet' zone in IE so I can read their domain username automatically(using User.Identity.Name) when they hit the site w/out prompting for a login. I have turned off anonymous access on the site, and have added the domain to the Local Intranet zone on my machine, and it works fine.

    If a user has not added the domain into their Local Intranet zone in IE, then IIS sees them as trying to connect with the IUSR_machinename account, and rejects it since anonymous access is turned off. They then get prompted for their username and password with the windows login pop-up box.

    What I want to do is instead of prompt them for a username/password, I want to redirect them to a page instructing them on how to add the domain to their Local Intranet zone in IE and allow them to login via a form.

    I need to give users access to the site based on their windows username, so I had initially used 'windows' authentication in web.config. Can I use forms authentication too so I can redirect them to a custom logon screen and not just show them the generic windows login window? I'm sorry if my question is basic...still trying to learn how .NET authentication works..

    Thanks in advance.
     
    ar, Aug 3, 2004
    #1
    1. Advertisements

  2. ar

    chrisrock Guest

    Yes.

    Enable anonymous access again in IIS.

    In your web config replace the authentication element with this one..

    <authentication mode="Forms">
    <forms name="Application.CookieName"
    loginUrl="Login.aspx"
    path="/" protection="All" timeout="30">
    </forms>
    </authentication>

    Then replace your
    <authorization> tag with:
    <authorization>
    <deny users="?" />
    </authorization>

    Couple of notes.
    1. You have to create the login.aspx. This can show the information that you want.
    2. The ? in the deny element disallows anonymous access to the application.
     
    chrisrock, Aug 4, 2004
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.