Mixing Windows and Forms Authentication in ASP.NET

2019-06-25 13:07发布

问题:

I'm currently trying to set up a website that uses both windows authentication and forms authentication. I am using ASP.NET MVC and both IIS6 and 7 need to be supported. How would I go about letting known AD users into the app (their AD id is stored against their user record in the application database) and directing everyone else to a standard username/password page.

回答1:

It seems the answer is no. We've had to set up 2 sites, the main application with forms authentication and a separate windows authenticated site which redirects to the forms site with a token which expires quickly telling the forms site that an authenticated user is incomming.



回答2:

What about the option using custom 401 redirect at IIS level outlined in this article