Redirect when using Windows (Basic) Authentication?

[Dave]

Hi,

Is there anyway to mimic forms authentication's loginUrl
and RedirectFromLoginPage functionality using Windows
authentication?

We are developing intranet sites using basic
authentication and we want to always redirect a user to a
default 'splash' or welcome page that is set to anonymous
if they are not logged in. This page would have
graphics, news, company announcements, etc along with a
link that states "To login, click here." which would open
the basic authentication dialog.

I thought there may be a way to use HttpModules to do
this but I don't think IIS will allow the http request to
make that far in the pipeline.

I've heard ISAPI filters may be able to do this but I not
too familiar with writing those. Can anyone offer any
ideas?

Thanks, Dave.

 

[Vadim Chekan]

Hi,

Is there anyway to mimic forms authentication's loginUrl
and RedirectFromLoginPage functionality using Windows
authentication?

Yes, I think it is possible.
On Your Login page:

OnLogin_Click() {
string login = Login.Text;
string password = Password.Text;
// authenticate using Win
...
if (isValid) {
FormsAuthenication.SetAuthCookie(login, true);
Redirect("/Main.aspx");
}
else {
Redirect("/Splash.aspx");
}
}

We are developing intranet sites using basic
authentication and we want to always redirect a user to a
default 'splash' or welcome page that is set to anonymous
if they are not logged in. This page would have
graphics, news, company announcements, etc along with a
link that states "To login, click here." which would open
the basic authentication dialog.

I thought there may be a way to use HttpModules to do
this but I don't think IIS will allow the http request to
make that far in the pipeline.

That far as what?
IIS passes _all_ *.aspx requests (and many other) to asp.net, you can
see more details in IIS config. And you can do whatever you want with
this query.

I've heard ISAPI filters may be able to do this but I not
too familiar with writing those. Can anyone offer any
ideas?

As far as I see only functionality you need is to redirect not logged
users to "login" page. But this is managed by standart Form authentication.

Of course you can write your own module and implement all
FormsAuthentication by yourself, but what for?

Vadim Chekan.

 

[Harley]

i don't think that 'll do the job. it looks like dave wants to use basic
authentication, not forms authentication. probably he has some files to
secure other that aspx files, like pdf, word, excel etc. sort of the same
scenario i have on some intranets.

 

[Dave]

Harley,

You are correct, the scenerio I want uses Basic
Authentication, not Forms. We often upload other types
of files that will require this of security.

Do you know of any solutions since it sounds like you
work in a similar environment? Thanks for your
response. Dave.

 

[Dave]

See Harley's response. I'm referring to Windows
Authentication in conjunction with IIS Basic
Authentication. Not Forms Authentication.