Re: Authentication? Forms without Anynymous access

From: Paul (Paul_at_discussions.microsoft.com)
Date: 06/17/05 

Date: Fri, 17 Jun 2005 08:16:27 -0700

ok thanks for the response. With my web application I have set up roles and a
page that allows an administrator of the web application to add users and set
these roles, so sounds like I need to have the Authentication method in IIS
(Anonymous access) checked or enabled. 

-- 
Paul G
Software engineer.
"Joe Kaplan (MVP - ADSI)" wrote:
> I think you need to have a talk with your admins and help them understand 
> your application better.
> 
> If anonymous is disabled, that means that users will be authenticated via 
> Windows, generally against a Windows domain, but possible against local 
> machine accounts as well.  If your app needs to authenticate users defined 
> in a database, you need to use forms authentication and anonymous must be 
> enabled in IIS for this to work.
> 
> If the need is for your app to authenticate users in the domain, then you 
> should disable forms auth (switch back to Windows mode in web.config) and 
> authenticate users that way.
> 
> Joe K.
> 
> "Paul" <Paul@discussions.microsoft.com> wrote in message 
> news:1BC083A9-9A30-4F93-AE7B-C527FC9BE923@microsoft.com...
> > Hi I have a .net web application using .net framework 1.1 and am using 
> > forms
> > authentication (<authentication mode = "Forms">) in web. config file.  So
> > have a form that inputs user name and password and compares this with a 
> > table
> > in a dbase.  I plan on moving this to a server where they do not allow
> > Anonymous access, just wondering if the application will still work or is
> > Anonymous access just another layer of security?
> > thanks,
> > -- 
> > Paul G
> > Software engineer. 
> 
> 
>

Relevant Pages

  • Re: Authentication? Forms without Anynymous access
    ... Windows, generally against a Windows domain, but possible against local ... If your app needs to authenticate users defined ... If the need is for your app to authenticate users in the domain, ... > Anonymous access, just wondering if the application will still work or is ...
    (microsoft.public.dotnet.security)
  • VPN kerberos? NAS issue
    ... I have a Windows 2003 native Active Directory. ... I have a 3rd Party VPN ... solution that uses SecurID tokens to authenticate users before allowing them ... access the NAS boxes without this error. ...
    (microsoft.public.windows.server.networking)
  • Re: Authentication? Forms without Anynymous access
    ... If you want to keep using that system and forms auth, ... If you really want to use Windows auth, then you can still do role-based ... If your app needs to authenticate users ... >> If the need is for your app to authenticate users in the domain, ...
    (microsoft.public.dotnet.security)
  • Re: Authentication before windows login
    ... > biometric fingerprint device and we want to authenticate users by using ... What about running your app as Windows Shell ...
    (microsoft.public.vb.winapi)
  • Re: Authentication? Forms without Anynymous access
    ... user information so am hoping to keep using the FORMS authentication. ... Paul G ... > If you really want to use Windows auth, then you can still do role-based ... >> (Anonymous access) checked or enabled. ...
    (microsoft.public.dotnet.security)