Anonymous and Windows Authentication

  • Thread starter Competitive Dad
  • Start date
C

Competitive Dad

I need to have a site that supports both of the above schemes.

I have created the site and published it to a folder and have set up two
virtual directories on the folder, one with Anonymous enabled, the other with
Windows Authentication.

I have a login/logout button that when clicked does a simple redirect to the
appropriate site. I am checking
HttpContext.Current.User.Identity.IsAuthenticated to decide what to do.

The site is identical in both cases, and the web.config is set as:

<authentication mode="Windows" />
<identity impersonate="true" />

Now this all works fine, if I start on Anonymous click the login button I'm
directed to the Windows URL and access to resources is correct.

If I then click the login/logout button again, this also works and I get
sent back to the Anonymous URL and the resource access is correct.

If I then try clicking the login/logout button for a third time, I am just
left in the Anonymous site and am never taken to the Windows URL.

I've tried IsAuthenticated, I've tried checking User.Identity.Name.Length
and all manner of other things as my test to redirect and nothing seems to
work.

Anyone got anything else I could try or advice on why it is not working?

Many thanks,

CD
 
C

Competitive Dad

Just to add a bit more detail so this can be setup and tested just to make
sure I'm not going made, if you create a brand new web site project, add a
<asp:LinkButton> to the Default.aspx page, and then have the following in the
code behind:

protected void Page_Load(object sender, EventArgs e)
{
if (!this.IsPostBack)
{
if (!HttpContext.Current.User.Identity.IsAuthenticated)
{
LinkButton1.Text = "Login";
}
else
{
LinkButton1.Text = "Logout";
}
}
}

protected void LinkButton1_Click(object sender, EventArgs e)
{
if (HttpContext.Current.User.Identity.IsAuthenticated)
{

Response.Redirect(System.Configuration.ConfigurationManager.AppSettings["AnonymousSiteUrl"], true);
}
else
{

Response.Redirect(System.Configuration.ConfigurationManager.AppSettings["WindowsSiteUrl"], true);
}
}

The web.config I have is set up as:

<appSettings>
<add key="AnonymousSiteUrl" value="http://localhost/SecuritySiteTestAnon" />
<add key="WindowsSiteUrl" value="http://localhost/SecuritySiteTest" />
</appSettings>

with the following authentication/identity:

<authentication mode="Windows" />
<identity impersonate="true"/>

It really is that simple. If I set up two virtual directories in IIS
pointing to the same directory, and then publish this (VERY) simple site to
the folder, if I browse to the SecuritySiteTestAnon page I can login okay, I
can logout of the SecuritySiteTest page I get directed to, but then clicking
Login again just leaves me in SecuritySiteTestAnon.

I've tried many things, maybe this is simply not possible. BTW, this is on
Windows Server 2003.

Help!

Thx,

CD
 
C

Competitive Dad

Well, chalk this up as something I'm not quite sure I understand, but I've
cracked it.

Instead of having the web.config set as below for the appsetting, I changed
to:

<appSettings>
<add key="AnonymousSiteUrl"
value="http://localhost/SecuritySiteTestAnon/Default.aspx" />
<add key="WindowsSiteUrl"
value="http://localhost/SecuritySiteTest/Default.aspx" />
</appSettings>

so included an explicit page after the Url and it works.

If anyone could provide an explanation that'd be dandy.

Thx,

CD
Competitive Dad said:
Just to add a bit more detail so this can be setup and tested just to make
sure I'm not going made, if you create a brand new web site project, add a
<asp:LinkButton> to the Default.aspx page, and then have the following in the
code behind:

protected void Page_Load(object sender, EventArgs e)
{
if (!this.IsPostBack)
{
if (!HttpContext.Current.User.Identity.IsAuthenticated)
{
LinkButton1.Text = "Login";
}
else
{
LinkButton1.Text = "Logout";
}
}
}

protected void LinkButton1_Click(object sender, EventArgs e)
{
if (HttpContext.Current.User.Identity.IsAuthenticated)
{

Response.Redirect(System.Configuration.ConfigurationManager.AppSettings["AnonymousSiteUrl"], true);
}
else
{

Response.Redirect(System.Configuration.ConfigurationManager.AppSettings["WindowsSiteUrl"], true);
}
}

The web.config I have is set up as:

<appSettings>
<add key="AnonymousSiteUrl" value="http://localhost/SecuritySiteTestAnon" />
<add key="WindowsSiteUrl" value="http://localhost/SecuritySiteTest" />
</appSettings>

with the following authentication/identity:

<authentication mode="Windows" />
<identity impersonate="true"/>

It really is that simple. If I set up two virtual directories in IIS
pointing to the same directory, and then publish this (VERY) simple site to
the folder, if I browse to the SecuritySiteTestAnon page I can login okay, I
can logout of the SecuritySiteTest page I get directed to, but then clicking
Login again just leaves me in SecuritySiteTestAnon.

I've tried many things, maybe this is simply not possible. BTW, this is on
Windows Server 2003.

Help!

Thx,

CD

Competitive Dad said:
I need to have a site that supports both of the above schemes.

I have created the site and published it to a folder and have set up two
virtual directories on the folder, one with Anonymous enabled, the other with
Windows Authentication.

I have a login/logout button that when clicked does a simple redirect to the
appropriate site. I am checking
HttpContext.Current.User.Identity.IsAuthenticated to decide what to do.

The site is identical in both cases, and the web.config is set as:

<authentication mode="Windows" />
<identity impersonate="true" />

Now this all works fine, if I start on Anonymous click the login button I'm
directed to the Windows URL and access to resources is correct.

If I then click the login/logout button again, this also works and I get
sent back to the Anonymous URL and the resource access is correct.

If I then try clicking the login/logout button for a third time, I am just
left in the Anonymous site and am never taken to the Windows URL.

I've tried IsAuthenticated, I've tried checking User.Identity.Name.Length
and all manner of other things as my test to redirect and nothing seems to
work.

Anyone got anything else I could try or advice on why it is not working?

Many thanks,

CD
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Windows Authentication and Anonymous Access 1
Windows + Anonymous Authentication 0
web.config and Anonymous Authentication problems ??? 0
KML to CSV file conversion using Python and Windows Powershell 0
What language should I learn to create an authentication website? 2
issues mixing integrated Windows authentication and anonymous on same application 2
IWA and Anonymous Access 0
Multi select options in a menu 1

Members online

Total: 69 (members: 1, guests: 68)
Robots: 332

Forum statistics

Threads
473,969
Messages
2,570,161
Members
46,705
Latest member
Stefkari24

Latest Threads

Top