ASP.NET MVC Urls and IIS Integrated Windows Authentication?
Just recently I had to do something similar. I had a requirement of Forms Authentication for most of my asp. Net MVC app, with one part that needed Windows Authentication What I ended up doing was to split my web app into two projects The first project was hosted in the root of the web site under IIS.
This was running Forms Authentication The second project was hosted as a virtual directory of the same web site. This was running Windows Authentication The only tradeoff is that you may end up with a URL of /reports/reports/% (or whatever you name the virtual directory).
Just recently I had to do something similar. I had a requirement of Forms Authentication for most of my asp. Net MVC app, with one part that needed Windows Authentication.
What I ended up doing was to split my web app into two projects. The first project was hosted in the root of the web site under IIS. This was running Forms Authentication.
The second project was hosted as a virtual directory of the same web site. This was running Windows Authentication. The only tradeoff is that you may end up with a URL of /reports/reports/% (or whatever you name the virtual directory).
You can't manage mixed mode authentication through the web.config. There's a decent (long) article here that describes one way of getting around that limitation.
I have an ASP.NET MVC app which is completely behind Forms Authentication. However there is one set of routes (/report/%) I need to force integrated windows authentication on, as those pages need to impersonate the current user (for security reasons). If I set the whole site to integrated windows authentication this all works, except that firefox prompts users for the username/password twice as they hit the sites home page (once for windows authentication, then again for the forms authentication) whereas IE only prompts for forms authentication.
This is fine and I know this is the default behavior of Firefox, however so as not to anoy users I've been asked to restrict the windows authentication requirement to only the /report/* section of the site, so they only get prompted if they go to any page within /report/%. In ASP.NET WebForms this is easy enough as there is a physcial /report folder to place the authentication config on, but in MVC this URL is virtual, so I can't do this. Does anyone know a good way to do this?
I've tried to create a "gateway" aspx page that users need to go through first before redirecting to the appropriate report page, and although Firefox does prompt the user for their windows credentials at the right point, it doesn't seem to keep sending those details for subsequent requests to any of the /report/% pages. Would be super grateful!
I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.
Related Questions
Windows integrated (NTLM) authentication vs Windows integrated (Kerberos)?
ASP.NET MVC application when deployed to IIS 7 in integrated mode using NHibernate data will not load?
With integrated windows authentication and asp.net, the user changes password and is prompted to login again. why?
FTP to IIS 6 Server from IIS 7 Server ASP.NET MVC?
ASP.NET MVP as a symbiosis of ASP.NET Webforms and ASP.NET MVC?
Set authentication as true for the view of the control that performs the authentication in ASP.Net MVC?