Choosing Integrated vs. Forms authentication dynamically

[Rob Blitz]

I'd like to have my (intranet) application's users choose to use their NT
Login account credentials or specify another UserID/password combo on the
app's login page. Is this possible? So far, I've only seen ASP.NET examples
where you have either integrated Windows authentication OR Forms specified
in webconfig.xml.

Use a custom HTTPHandler or HTTPModule?

If anyone can paint a simple picture of how this can be done I'd appreciate
it.

[MSFT]

Hi Rob,

I think you may make the user make the choice on the login form. For
example, there are two options: 1. with default windows account; 2, specify
a special windows account with name and password. On server side, you can
get the informaiton from login form and authenticate the credential. For
detailed information, you may refer to this KB article:

HOW TO: Authenticate against the Active Directory by Using Forms
Authentication and Visual Basic .NET
[url]http://support.microsoft.com/default.aspx?kbid=326340[/url]

Hope this help,


Luke
Microsoft Online Support

Get Secure! [url]www.microsoft.com/security[/url]
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

[Rob Blitz]

Luke,
Thanks for the response.

So I would create a form that had, say, an "auto login" button that says
something like "Login as user logged into this machine" and right below it
would be the second alternative, which would be a form with inputs fields
for user id and password with a button that says "Login as another user".
The second alternative allows me to go to a coworkers workstation where they
were logged in, and login as myself rather than using their NT logon token.

Now, I have to choose windows OR forms authentication in web.config; I can't
use both. If I do as the KB article suggests, I use forms authentication.
But if I do this, my "auto login" button won't work. What I'm really after
here is a way to allow a user to not have to input their user id and
password if they are already logged in on that machine while at the same
time, allowing users to do an explicit authentication as any user.

I've seen this done in MS Project Server's web interface.

Rob


"MSFT" <lukezhan@online.microsoft.com> wrote in message
news:pdlb1gulDHA.576@cpmsftngxa06.phx.gbl...

> Hi Rob,
>
> I think you may make the user make the choice on the login form. For
> example, there are two options: 1. with default windows account; 2,

specify

> a special windows account with name and password. On server side, you can
> get the informaiton from login form and authenticate the credential. For
> detailed information, you may refer to this KB article:
>
> HOW TO: Authenticate against the Active Directory by Using Forms
> Authentication and Visual Basic .NET
> [url]http://support.microsoft.com/default.aspx?kbid=326340[/url]
>
> Hope this help,
>
>
> Luke
> Microsoft Online Support
>
> Get Secure! [url]www.microsoft.com/security[/url]
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
>

[MSFT]

Hi Rob,

I think you may choose Form authentication only. When user choose "auto
login", you can get his account from Request object's ServerVariables
Property and its IsAuthenticated property.

On IIS virtual folder, you can set integrated windows authentication; In
web.config, you can set form authentication.

Luke
Microsoft Online Support

Get Secure! [url]www.microsoft.com/security[/url]
(This posting is provided "AS IS", with no warranties, and confers no
rights.)