locked
Windows and Forms Authentication on same MVC site RRS feed

  • Question

  • User-184663190 posted

    Hi

    Does anyone have a real/complete answer to this problem?? It seems lots of people say it's possible, but I have still to find a posting which shows all the details needed to make it work....

    I would like to have my site recognise users who are on the domain through windows auth, but also have the ability for users connecting via the internet to login using forms auth. Would really appreciate any advice...

    Thanks

    Friday, June 27, 2014 12:25 AM

All replies

  • User753101303 posted

    Hi,

    Is the purpose to have Windows user accounts being able to log through the internet or do you want some users to log without creating an account for them in AD ?

    In the first case, forcing NTLM worked well for us. ADFS might be also an option. For the later case if I remember we have done a form and we check first against AD and if it fails then again a SQL db.

    Sunday, July 6, 2014 7:20 AM
  • User475983607 posted

    I had success using certificate authentication with forms authentication.  The pain is the butt comes in when the certs must be reissued because inevitably we'd forget.

    Monday, July 7, 2014 6:50 PM
  • User459955333 posted

    One way is to have windows authentication enabled on the site .. and redirect the 401 Unauthorized status code to your forms authentication page .. this way .. user with right credentials gets authenticated .. and if they are not authorised .. they get redirected to the login form ... 

    Thursday, July 10, 2014 1:55 AM