Solved

ASP.Net Windows Authentication Question vs Forms Auth

Posted on 2013-05-15
2
411 Views
Last Modified: 2013-05-21
Hello all,

I should know this by now but I forget as I usually handle authentication via forms auth.   So we have a single sign-on type app where in IIS I have enabled Windows Auth only of course and disabled Anonymous.   I also have a sql table called User that allows us to have a user administration screen to select Active Directory users and it add that user to our user sql server table with Username etc.   So essentially I could take the User.Identity.Name and check that table because I want to setup custom roles for users and I also don't want to allow all users on the network to use the application.  

My question is if Window Auth is set in IIS that allows us to hit the site without having a login page but I don't want to allow everyone to hit the site without validating first against my user table.  

Is it common that once they hit the site you take the User.Identity.Name then validate against a SQL Server table of users then set in Forms Authentication cookie at that point?  This way any URL they hit within the site it is MVC based application so any route that hits the IIS box forms authentication would kick them out?  Confused on how to allow the user to access any URL based on Windows Auth.   I dont think forms auth would work anyway because you cant enable Anonymous on the IIS as well or the identity does not work.

Hope this makes some sense.
0
Comment
Question by:sbornstein2
2 Comments
 
LVL 10

Accepted Solution

by:
eguilherme earned 250 total points
ID: 39171083
Since anonymous is disabled, you could check the value of:
Request.ServerVariables("LOGON_USER")

Open in new window


and check against your user table to set/not set the forms ticket
0
 

Author Closing Comment

by:sbornstein2
ID: 39185723
thanks
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes relatively difficult and non-obvious issues that are likely to arise when creating COM class in Visual Studio and deploying it by professional MSI-authoring tools. It is assumed that the reader is already familiar with the cla…
Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now