scisoc
asked on
SharePoint 2010 dual authentication
We are developing a public site that has a mutiple subsites that are accessible via IP authentication and/or fba authentication. Other sub sites in that site collection contain member only areas accessible via a member role, which the IP records do not have. They are only accessible via fba authentication.
So how can I solve the following scenario:
I access the website through company's network (IP range), get authenticated (IP role), and have access to the IP areas. Now, assume I am also a member of the site (but not authenticated as such because I was authenticated by IP already). I go to the member area, but get access denied becuase my authenticated IP record does not have that member role.
Any ideas how to make this work?
So how can I solve the following scenario:
I access the website through company's network (IP range), get authenticated (IP role), and have access to the IP areas. Now, assume I am also a member of the site (but not authenticated as such because I was authenticated by IP already). I go to the member area, but get access denied becuase my authenticated IP record does not have that member role.
Any ideas how to make this work?
ASKER
Thanks. We do currently make use of SharePoint security via custom login page for authentication using a custom membership/role provider and SP groups that use roles from sql membership database for authorization.
I can actually think of a way to authenticate a user via IP with a custom login page, I've succesfully implemented on a .net site. However, once they are authenticated by IP, there is no way I can think of to re-authenticate as a fba user if trying to access a member role area.
I'm afraid the short answer to my question is...IT'S NOT POSSIBLE.
I can actually think of a way to authenticate a user via IP with a custom login page, I've succesfully implemented on a .net site. However, once they are authenticated by IP, there is no way I can think of to re-authenticate as a fba user if trying to access a member role area.
I'm afraid the short answer to my question is...IT'S NOT POSSIBLE.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You can use IP authentication for controlling access to the network segments, but it will not work with SharePoint to control access. This link might help explain how this all works:
http://technet.microsoft.com/en-us/library/cc262350%28v=office.15%29.aspx