Re: Authentication problem

Thank you for your response, however, I feel I must tell you that I do not
know how your solution of deploying two instances of the same application -
one internal for windows authentication, one external with forms
authentication - is any more secure than a single instance accessible to
both parties. It's interesting that you are quick to criticize and dismiss
an architecture without knowing any of the details of it.


"Cowboy (Gregory A. Beamer)" <NoSpamMgbworld@xxxxxxxxxxxxxxxxxx> wrote in
message news:%23w7Yw132GHA.4312@xxxxxxxxxxxxxxxxxxxxxxx
I am not familiar with this issue, but I can tell you a multitude of
reasons why this should be two sites (one internal and one external) with
each configured for its own authentication method. By channeling internal
users outside of the firewall or proxying internal sites out, you are
taking a chance that external users can hack through otherwise secure
systems. Despite how much quicker this type of development might be, you
are better to allow for both types of auth on the backend and flipping the
config method based on which site you are deploying than you are setting
both types in one site.

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

*************************************************
Think outside of the box!
*************************************************
"Dave Slinn" <CougarDave@xxxxxxxxxxxxxxx> wrote in message
news:OZybZI32GHA.2152@xxxxxxxxxxxxxxxxxxxxxxx
I have come across a very weird situation. I made a slight modification
to our authentication process to allow a single deployed website to
authenticate a user with either forms authentication (if coming from an
unknown network, such as the internet) or windows authentication (if
coming from our own internal network). Everything is working fine, and
the authentication is working exaclty as expected. However, a weird side
effect is that once authenticated, the IsPostBack property will now only
return False, and event handler methods like Button.Click are not called.

This occurs even though the server variable REQUEST_METHOD is returning a
POST when a post back event, such as a button click, occur.

Sorry for the cross-post, but I'm not sure what category this problem
falls in. Has anybody ever experienced a situation where the IsPostBack
= False even though Request.ServerVariables("REQUEST_METHOD") = "POST"??







.