single web app for both external users and domain users

bitshift · Jun 22, 2007

Ive been asked to allow internal (domain authenticated) users to get in to
my asp.net web application, while everyone else should use the login form.
One way ive seen others doing this, is to configure the application in IIS
to use windows authentication, uncheck anonymous, so as to have the browser
pass in the User.Identity value.

Then, when when a visotor hits the site, I can check if we have a domain
user with the User.Identity, and automatically log them in using a common
login name that is setup in the database. If the user.Identity is empty,
then force them to login as usual.

Sound reasonable ?

bruce barker · Jun 22, 2007

its much tricker than this. if you turn off anonymous, no one can access
the site with a successful domain login.

for the browser to send credentials, the server must send a 401 (access
denied). the browser then send some credentials. the server will return
another 401 if invalid, so the user can try again.

if you turn on anonymous, then iis never sends a 401 and the browser
will never send the user credentials.

the easiest solution is if the users ipaddress is internal, send a 401,
if not redirect to forms login.

-- bruce (sqlwork.com)

How to config the web.config for both Internal and External users using Windows and Forms Authentica	1	Oct 24, 2005
need two authentication timeouts for internal and external users	1	May 14, 2007
Authorizing network and external users	0	Aug 28, 2007
Intermittent issue with asp?? external users get server runtime er	2	Apr 21, 2010
Q: Authenticate users over domains	1	Sep 25, 2008
Windows identity getting confused between users	0	Jun 30, 2010
How to increase MaxWorkerThreads for a single web app?	0	Jan 20, 2011
security works for VPN users, doesnt for local	3	May 22, 2008

single web app for both external users and domain users

bitshift

bruce barker

Ask a Question

Similar Threads

Members online

Forum statistics

Latest Threads