Re: Passing form credentials to windows security



I am also having troubles getting customauth to redirect to a specified logon
page. is there any tricks to this.

my page is named logon.htm
and i have specified the full url in the ini
LogonURL=https://www.mydomain.com/logon.htm

Thanks in advance

Doug


"Doug" wrote:

David,

Thats awesome and exactly what I am looking for. Thanks.. My next question
is there any sample custom login forms available. I familiar with posting
forms however does the form post back to the dll?
i assume that the inherent login form is compiled into the dll file however
im ok with creating just an html file or asp file and was wondering if you
knew of some samples out there?

Thanks again!

Doug



"David Wang [Msft]" wrote:

CustomAuth from IIS Platform SDK shows how to pass form credentials.
http://blogs.msdn.com/david.wang/archive/2006/01/24/HOWTO_Install_and_Use_CustomAuth_on_IIS_6.aspx

However, the custom scheme you describe (try Windows first and if it fails,
try forms) cannot be configured. Lots of people want that behavior, but
sorry, the standardized browsers and the authentication protocols just don't
work that way.

You can configure two websites, one Intranet that is Windows only, the other
Extranet that is Forms auth only.

--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//

"Doug" <Doug@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:0393219E-EDF5-4B07-994B-9251F78A9947@xxxxxxxxxxxxxxxx
Ok to explain my scenario here is my goal

I have an intranet site that is available internally as well as
externally.
Currently it is just html files on the intranet (that change may come
later
which will make it easy to secure via an application, unfortunately right
now
that is not an options)

What i would like to do is essentialy mix windows and forms based
authentication however the articles I have found wont exactly accomplish
what
i need since I do not have my intranet as an application.

I have anonymous turned off and integrated authentication turned on so
that
anyone internally does not get prompted for a username and password, the
external side first hits my redirection to ssl page (shich is set to allow
anonoymous access) and then the user gets prompted for a username and
password via the standard windows popup since I have windows NTFS
permissions
set on the entire directory.

What I want to do is if a user is not authenticated via integrated, i want
to present them with a pretty form to log into instead of the windows pop
up
box, and then authenticate them against Active Directory and then pass the
authenticated credentials to IIS as they were logged into the computer
with
those credentials exactly as Microsoft has done with Exchange webmail.

Is this possible and any steps in the right direction would be
appreciated.
I have the form written and is authenticating via Active Directory and
then
doing the redirect to the home page via ssl, the only problem I have to
work
the details on is passing those credentials to windows security so they
are
not prompted for the user name again via the windows pop up box. It looks
as
though the OWA logon passes those credentials to a .dll file that is
handling
this.


Thanks in advance for any tips helping me out on this one.
Please let me know if any of this is unclear.




Doug






.



Relevant Pages

  • Re: supporting multiple authentication methods
    ... i cannot do this from a redirect? ... >>i was going to use two nested web configs with differnet authentication ... >>instead im about to have two separate web apps, one windows one forms. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Performance issues on different servers.
    ... > Are you doing any form of authentication? ... >> We have an application where we have our own custom objects filled with ... >> Windows XP Pro ...
    (microsoft.public.dotnet.framework)
  • Re: Performance issues on different servers.
    ... > Are you doing any form of authentication? ... >> We have an application where we have our own custom objects filled with ... >> Windows XP Pro ...
    (microsoft.public.dotnet.framework.performance)
  • Re: Windows authentication in code
    ... Typically, when you do authentication in code like this, you do it as part ... Why not just use Windows auth? ... may be that impersonation is not the way to go. ... you may redirect him to a windows ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • MOSS 2007 Form Auth w/anonymous access
    ... The anonymous access was working on my MOSS site with windows ... authentication and It now always redirect me to the login page when I change ...
    (microsoft.public.sharepoint.portalserver)