1

I have started looking into Forms Authentication with Windows Authentication (I believe its called Mixed Forms Authentication, but I could and probably am wrong)

So far I have discovered in my web.config file I need to add the following lines:

<authentication mode="Forms">
        <forms loginUrl="~/Login"></forms>
      </authentication>
      <authorization>
        <deny users="?" />
      </authorization>

which I have done. But the next part confuses me. I have been reading about WinLog and WebLog pages and one has to be Windows Authentication and the other a forms Authentication.

I am under the impression this is how the flow should go

  1. Add the lines above to your web.config
  2. Brings user to login page
  3. User gets redirected from another project that has Windows Authenication with the creds they filled and the other project sends a response saying yes or no.

The part after the web.config is super confusing, can someone tell me if I am on the right track or far from it?

What I am trying to do is not have an ugly dialog box, but instead have a custom login page.

If someone can point me in the right direction, that would be great.

user979331
  • 11,039
  • 73
  • 223
  • 418

1 Answers1

1

ASP.NET has 3 different ways of authentication: - Windows - Forms - Passport

Mixed mode authentication has been known as a somehow problematic way of authenticating users, in order to achieve it, you'll need one application to authenticate the users from a form, and another one to authenticate the users from IIS.

You will find some more info here:

ASP.NET MVC and mixed mode authentication http://aspalliance.com/553_Mixed_Mode_Authentication.all https://msdn.microsoft.com/en-us/library/aa291347(v=vs.71).aspx

Community
  • 1
  • 1
Pedro Esteban
  • 21
  • 5