This question has been asked multiple times but none of the solutions have worked for me yet. I can't understand how they are mixing multiple authentications with windows authentication.
These links
[1]: MVC - Mixed Auth - OWIN + Windows Auth
[2]: https://www.asp.net/aspnet/overview/owin-and-katana/enabling-windows-authentication-in-katana
explains that i need to enable both Anonymous and Windows authentication to mix it up, but after enabling Anonymous authentication, my application is not asking for windows login credentials.
I tried disabling Anonymous and then added a dummy claims based authentication to authenticate every request but it was asking for windows login credentials then.
My intention is to support certificate authentication as well as windows authentication.
0
votes
1 Answers
0
votes
My methods of experimenting with authentication was wrong. Trying to setup a dummy authentication didn't work. After setting up proper environment where my api was already doing windows authentication all I had to was add token based authentication for the api inside Configuration method of OWIN
app.UseWindowsAzureActiveDirectoryBearerAuthentication(
new WindowsAzureActiveDirectoryBearerAuthenticationOptions
{
Tenant = "tenant link",
TokenValidationParameters = new TokenValidationParameters
{
ValidAudiences = audienceUris
},
});
So OWIN supports multiple authentication out of box, and we just need to add an authentication method to make it work.
