Mixing Windows and Forms Authentication in ASP.NET MVC

4
votes

I'm currently trying to set up a website that uses both windows authentication and forms authentication. I am using ASP.NET MVC and both IIS6 and 7 need to be supported. How would I go about letting known AD users into the app (their AD id is stored against their user record in the application database) and directing everyone else to a standard username/password page.

2
asp.net-mvciis-7forms-authenticationwindows-authentication

2 Answers

1
votes

It seems the answer is no. We've had to set up 2 sites, the main application with forms authentication and a separate windows authenticated site which redirects to the forms site with a token which expires quickly telling the forms site that an authenticated user is incomming.

1
votes

What about the option using custom 401 redirect at IIS level outlined in this article