locked
Multiple Authentication Options for Application RRS feed

  • Question

  • Good afternoon --

    I'm trying to develop one ASP.NET application in Visual Basic that allows anonymous access to some portions but allows Windows Authentication and/or Forms-based Authentication for the secure sections.  More specifically, if someone enters the application, the application should try to use Windows Authentication to create the authentication cookie.  If that's not possible, the user is provided anonymous access until such time as they request to log into the application, when the user is presented a login form.

    I'm finding no help from Google.  I'm prepared to use web.config to secure folders or individual pages as needed.

    What I need is:

    • Is this even possible?
    • What documentation is available to show me what I need to code?
    • Are there terms I should be using that will aid my search of MSDN/Google?
    • Is there good documentation to explain how .NET maintains authentication (cookie or cookieless) that will help me understand the process?

    Thanks,
    Michael

    Tuesday, February 11, 2014 5:51 PM

All replies

  • I would recommend posting to the below ASP.NET forum. I don't believe that it is possible mix Windows Auth and Anonymous like you describe, but there may be workarounds if your app is split into separate applications.

    http://forums.asp.net/25.aspx/1?Security


    Paul ~~~~ Microsoft MVP (Visual Basic)

    Tuesday, February 11, 2014 6:22 PM