How do I allow Windows Authentication in ASP.NET MVC4 application with multiple domains?

只谈情不闲聊 提交于 2019-12-31 03:36:09

问题


Two questions regarding Windows Auth in MVC4 application:

  1. How to I set it up so I can authenticate against two windows domains?

What I am trying to do:

[Authorize(Roles = @"DOMAINONE\Group Name")]
public class HomeController : Controller
{
    public ActionResult Index()
    {
        return View();
    }
    ...
}

And the other domain:

[Authorize(Roles = @"DOMAINTWO\Group Name")]
public class StaffController : Controller
{
    public ActionResult Index()
    {
        return View();
    }
    ...
}
  1. Is there a way to make to login screen an form on a page, rather than the pop-up window asking for a username/password?

回答1:


May be you would like to see the mix of Windows and forms authentication : Is there a way to make to login screen an form on a page, rather than the pop-up window asking for a username/password?

If you're in classic mode - you can have both Windows and Forms authentication. An alert will pop up

Challenge-based and login redirect-based authentication cannot be used 
simultaneously

you can however ignore this warning. CarlosAg says that:

we decided to leave it there was because it is still behavior that many user 
scenarios  would be consider incorrect, since most of the time forms 
authentication  uses anonymous  authentication and not windows.

Read here.

Now when you want to use windows authentication, you may find solution here: http://mvolo.com/iis-70-twolevel-authentication-with-forms-authentication-and-windows-authentication/, which allows to change the authentication way for a page. Another way you can manage this when using windows authentication is to manage usernames using code:

string user = Request.ServerVariables["LOGON_USER"];

Refer this link: http://beensoft.blogspot.in/2008/06/mixing-forms-and-windows-authentication.html , which gives a different way of mixing Forms and Windows authentication.




回答2:


The first thing you need to do is set your authentication mode in web.config if you haven't already.

<system.web>
  <authentication mode="Windows"/>
</system.web>

This should eliminate the challenge provided the user is already authenticated in his/her domain.

Are DOMAINONE and DOMAINTWO subdomains of the same domain?



来源:https://stackoverflow.com/questions/17934715/how-do-i-allow-windows-authentication-in-asp-net-mvc4-application-with-multiple

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!