8

I am trying to make a mixed mode authentication to be able to put some users on Federated authentications and others on Forms authentication.

I am working with WIF, I set up my STS and everything is happy, when I am in federated mode by turning off all the authentication this way:

<authorization>
    <deny users="?" />
</authorization>
<authentication mode="None" />

I log in to my main application then when I log in to my side application it will let me log in silently since the session cookie is already generated and the user is authenticated.

but when I use Forms authentication, when I log in to my side application it will take me to the login page which I understand because the user is not authenticated but it seems even with having the session cookie it is not silently redirecting it.

I know that I need to redirect onEndRequest to the STS to authenticate the user and if the user is already authenticated then it will generate FedAuth cookie and and it will log me in silently,

does anybody know how to implement this, I didn't find resources about it when I researched.

Alaa

Alaa Osta
  • 4,249
  • 6
  • 24
  • 28
  • I'm trying to do something similar now. Any luck on this Alaa? – Steve Feb 01 '13 at 20:32
  • Have a look at this blog post: (http://leastprivilege.com/2012/02/02/mixing-forms-and-token-authentication-in-a-single-asp-net-application/), and see the next one for more details. – klings Jul 09 '13 at 22:21
  • Looking similar to this with WIF now part of .net 4.5 any seemless solution? – Pranav Singh Jan 21 '16 at 10:42
  • I've found this: http://magenic.com/Blog/Post/39/Mixed-Mode-ADFS-2-0-and-Forms-Authentication-in-a-Single-ASP-NET-Web-Application – motta Aug 23 '16 at 17:21

1 Answers1

-1

For all who needs to setup federated user authentication in asp.net app the following link might be extremely helpful:
http://blog.elis-co.com/wif-sso-and-forms-authentication-in-asp-net/

Also http modules included to the config from the link above are outdated. So correct them with ones from the following article:
https://learn.microsoft.com/en-us/dotnet/framework/security/how-to-build-claims-aware-aspnet-web-forms-app-using-wif

Alex Valchuk
  • 623
  • 6
  • 8