?
Solved

ASP.Net Windows Authentication Question vs Forms Auth

Posted on 2013-05-15
2
Medium Priority
?
417 Views
Last Modified: 2013-05-21
Hello all,

I should know this by now but I forget as I usually handle authentication via forms auth.   So we have a single sign-on type app where in IIS I have enabled Windows Auth only of course and disabled Anonymous.   I also have a sql table called User that allows us to have a user administration screen to select Active Directory users and it add that user to our user sql server table with Username etc.   So essentially I could take the User.Identity.Name and check that table because I want to setup custom roles for users and I also don't want to allow all users on the network to use the application.  

My question is if Window Auth is set in IIS that allows us to hit the site without having a login page but I don't want to allow everyone to hit the site without validating first against my user table.  

Is it common that once they hit the site you take the User.Identity.Name then validate against a SQL Server table of users then set in Forms Authentication cookie at that point?  This way any URL they hit within the site it is MVC based application so any route that hits the IIS box forms authentication would kick them out?  Confused on how to allow the user to access any URL based on Windows Auth.   I dont think forms auth would work anyway because you cant enable Anonymous on the IIS as well or the identity does not work.

Hope this makes some sense.
0
Comment
Question by:sbornstein2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 10

Accepted Solution

by:
eguilherme earned 1000 total points
ID: 39171083
Since anonymous is disabled, you could check the value of:
Request.ServerVariables("LOGON_USER")

Open in new window


and check against your user table to set/not set the forms ticket
0
 

Author Closing Comment

by:sbornstein2
ID: 39185723
thanks
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ASP.Net to Oracle Connectivity Recently I had to develop an ASP.NET application connecting to an Oracle database.As I am doing it first time ,I had to solve several problems. This article will help to such developers  to develop an ASP.NET client…
Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question