User has to login twice. Why??

[Redeye]

Hello,

I am using windows forms authentication in my asp.net web application so
that it uses ADSI to validate users.

The application is in a virtual directory on my local system,
(http://Localhost/MyApp), and it makes the call to a domain server on our
network. Everything works great. When the application is on the deployment
server the user is required to login via the windows login (Pop-up) and then
once again via the login form.

The test environment:
------------------------------------------------------
IIS Authentication Methods: (Local Machine)
Anonymous access (unchecked)
--
Basic authentication(checked)
Digest authentication(grayed out)
Integrated Windows authentication(checked)
------------------------------------------------------

The deployment environment:
The application is in the root directory, (http://MyApp.com), and it makes
the call to a domain server on the network.
------------------------------------------------------
IIS Authentication Methods: (Deployment Server)
Anonymous access (unchecked)
--
Basic authentication(checked)
Digest authentication(checked) I have also tried it unchecked.
Integrated Windows authentication(checked)
------------------------------------------------------

What security settings need to be changed?

Here is the web.config file settings.
<identity impersonate="true"/>

<authentication mode="Forms">
<forms loginUrl="logon.aspx" name="MyDomain" timeout="10" path="/" >
</forms>
</authentication>

<authorization>
<deny users="?" />
<allow users="*" />
</authorization>

Thanks,
Bryan

 

[Dave]

I would check the permissions on folder where the login
form resides. It should be set to anonymous so all users
can get to it in order to login. Sounds like it's set to
Basic Authentication which is why you are getting the pop-
up

Dave

-----Original Message-----
Hello,

I am using windows forms authentication in my asp.net web application so
that it uses ADSI to validate users.

The application is in a virtual directory on my local system,
(http://Localhost/MyApp), and it makes the call to a domain server on our
network. Everything works great. When the application is on the deployment
server the user is required to login via the windows login (Pop-up) and then
once again via the login form.

The test environment:

(http://MyApp.com), and it makes

 

[Joe Kaplan \(MVP - ADSI\)]

That is the expected result when you use both Windows authentication
(Integrated auth. is checked) and Forms authentication. If you don't want
the Windows authentication, disable IIS/Windows authentication completely by
allowing anonymous and unchecking all Windows auth settings.

Joe K.

 

[Redeye]

I have tried that and the system hangs. I have tried all combinations of
security settings. The only solution I have found is set the authentication
type in the web.config file to Windows and do away with the login form. The
powers that be do not like this solution which is why I am hoping to find
some enlightenment out here.

Thanks