RE: Mixing Forms and Windows Securiey
- From: lukezhan@xxxxxxxxxxxxxxxxxxxx (Luke Zhang [MSFT])
- Date: Wed, 28 Jun 2006 03:25:59 GMT
Hello Jerry,
Yes, I have downloaded the code and tested it on my side:
public class Global : System.Web.HttpApplication
{
public const string ReturnUrl = "MixedSecurity.ReturnUrl";
"Global.ReturnUrl" is actually a static string "MixedSecurity.ReturnUrl".
Regarding the question about login box, I found this is pop up before our
ASP.NET application is touched. The login box is raised by IE in
conversation between IE and IIS. When a file (WinLogin.aspx in this case)
was set with integrated authentication, it will require client IE send
windows authenticated token. If it didn't found the toke, it will return an
error to IE and IE will pop up the login box for user account input. We
cannot control this from server side. The only way is set anonymous login
in client IE as you mentioned, or we can tell user to click Cancel button
if they don't have a valid windows account.
Regards,
Luke Zhang
Microsoft Online Community Lead
==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
.
- References:
- RE: Mixing Forms and Windows Securiey
- From: Luke Zhang [MSFT]
- RE: Mixing Forms and Windows Securiey
- Prev by Date: Dynamic LoginView and AnonymousTemplate?
- Next by Date: Re: GetCompiledPageInstance and Medium trust application level
- Previous by thread: RE: Mixing Forms and Windows Securiey
- Next by thread: Active Directory
- Index(es):
