Re: Authentication? Forms without Anynymous access

From: Joe Kaplan \(MVP - ADSI\) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 06/17/05

• Next message: Joe Kaplan \(MVP - ADSI\): "Re: PrincipalPermission trouble"
• Previous message: Jeff: "Re: Using an updated or newer assembly?"
• In reply to: Paul: "Authentication? Forms without Anynymous access"
• Next in thread: Paul: "Re: Authentication? Forms without Anynymous access"
• Reply: Paul: "Re: Authentication? Forms without Anynymous access"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 17 Jun 2005 09:53:59 -0500

I think you need to have a talk with your admins and help them understand
your application better.

If anonymous is disabled, that means that users will be authenticated via
Windows, generally against a Windows domain, but possible against local
machine accounts as well. If your app needs to authenticate users defined
in a database, you need to use forms authentication and anonymous must be
enabled in IIS for this to work.

If the need is for your app to authenticate users in the domain, then you
should disable forms auth (switch back to Windows mode in web.config) and
authenticate users that way.

Joe K.

"Paul" <Paul@discussions.microsoft.com> wrote in message
news:1BC083A9-9A30-4F93-AE7B-C527FC9BE923@microsoft.com...
> Hi I have a .net web application using .net framework 1.1 and am using
> forms
> authentication (<authentication mode = "Forms">) in web. config file. So
> have a form that inputs user name and password and compares this with a
> table
> in a dbase. I plan on moving this to a server where they do not allow
> Anonymous access, just wondering if the application will still work or is
> Anonymous access just another layer of security?
> thanks,
> --
> Paul G
> Software engineer.

---

• Next message: Joe Kaplan \(MVP - ADSI\): "Re: PrincipalPermission trouble"
• Previous message: Jeff: "Re: Using an updated or newer assembly?"
• In reply to: Paul: "Authentication? Forms without Anynymous access"
• Next in thread: Paul: "Re: Authentication? Forms without Anynymous access"
• Reply: Paul: "Re: Authentication? Forms without Anynymous access"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages VPN kerberos? NAS issue ... I have a Windows 2003 native Active Directory. ... I have a 3rd Party VPN ... solution that uses SecurID tokens to authenticate users before allowing them ... access the NAS boxes without this error. ... (microsoft.public.windows.server.networking) Re: Authentication? Forms without Anynymous access ... If you want to keep using that system and forms auth, ... If you really want to use Windows auth, then you can still do role-based ... If your app needs to authenticate users ... >> If the need is for your app to authenticate users in the domain, ... (microsoft.public.dotnet.security) Re: Authentication? Forms without Anynymous access ... Paul G ... > Windows, generally against a Windows domain, but possible against local ... > If the need is for your app to authenticate users in the domain, ... >> Anonymous access, just wondering if the application will still work or is ... (microsoft.public.dotnet.security) Re: Authentication before windows login ... > biometric fingerprint device and we want to authenticate users by using ... What about running your app as Windows Shell ... (microsoft.public.vb.winapi)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)