0
I have to configure the following ASP.NET authentication scenario: depending on some precise conditions that authentication is performed through Forms or Windows.
The scenario is that if an authenticated user is identified, the application authentication must validate the Login in AD(Active Directory), in the case of an intranet for example. In case the access has been done through the internet, the authentication of the application must be done through Forms, requesting the credentials registered in database associated to the user.
From what I’ve seen so far ASP.NET allows in the application one or other authentication, even because it depends on settings in IIS. Someone has already needed to set up this scenario, and can help me in this sense?
You will need to do manual. Check that you are logged in to the domain (for example by checking
System.Web.HttpContext.Current.User.Identity
) and if not, direct to a page that requests credentials and authenticate the user.– Ricardo Pontual
In both cases the authentication will be validated by AD... The difference is that in the internal network access this user is already logged in the domain...
– Leandro Angelo
@Ricardopunctual, but will I have to keep the settings for Windows application-side authentication as well as IIS? Web.Config <Identity impersonate="true"/> <Authentication mode="Windows"> <Forms loginUrl="login.aspx" name=". ASPFORMSAUTHLC" Protection="All" timeout="20" slidingExpiration="true"></Forms> </Authentication> IIS Asp.NET Impersonation = Enabled Windows Authentication = Enabled
– Vladimir Junior
@Leandroangelo please read the text of the question: "In case the access has been done through the internet, the authentication of the application must be done through Forms, requesting the credentials registered in database associated to the user."
– Ricardo Pontual