Redirecting anon users - Forms or Windows Authentication

ar · ar

I have an Intranet site that I'm trying to work out some authentication issues on. Eventually, I want all of our domain users to add the url for the site into their 'Local Intranet' zone in IE so I can read their domain username automatically(using User.Identity.Name) when they hit the site w/out prompting for a login. I have turned off anonymous access on the site, and have added the domain to the Local Intranet zone on my machine, and it works fine.

If a user has not added the domain into their Local Intranet zone in IE, then IIS sees them as trying to connect with the IUSR_machinename account, and rejects it since anonymous access is turned off. They then get prompted for their username and password with the windows login pop-up box.

What I want to do is instead of prompt them for a username/password, I want to redirect them to a page instructing them on how to add the domain to their Local Intranet zone in IE and allow them to login via a form.

I need to give users access to the site based on their windows username, so I had initially used 'windows' authentication in web.config. Can I use forms authentication too so I can redirect them to a custom logon screen and not just show them the generic windows login window? I'm sorry if my question is basic...still trying to learn how .NET authentication works..

Thanks in advance.

chrisrock · chrisrock

Yes.

Enable anonymous access again in IIS.

In your web config replace the authentication element with this one..

<authentication mode="Forms">
<forms name="Application.CookieName"
loginUrl="Login.aspx"
path="/" protection="All" timeout="30">
</forms>
</authentication>

Then replace your
<authorization> tag with:
<authorization>
<deny users="?" />
</authorization>

Couple of notes.
1. You have to create the login.aspx. This can show the information that you want.
2. The ? in the deny element disallows anonymous access to the application.

"ar" wrote:

> I have an Intranet site that I'm trying to work out some authentication issues on. Eventually, I want all of our domain users to add the url for the site into their 'Local Intranet' zone in IE so I can read their domain username automatically(using User.Identity.Name) when they hit the site w/out prompting for a login. I have turned off anonymous access on the site, and have added the domain to the Local Intranet zone on my machine, and it works fine.
>
> If a user has not added the domain into their Local Intranet zone in IE, then IIS sees them as trying to connect with the IUSR_machinename account, and rejects it since anonymous access is turned off. They then get prompted for their username and password with the windows login pop-up box.
>
> What I want to do is instead of prompt them for a username/password, I want to redirect them to a page instructing them on how to add the domain to their Local Intranet zone in IE and allow them to login via a form.
>
> I need to give users access to the site based on their windows username, so I had initially used 'windows' authentication in web.config. Can I use forms authentication too so I can redirect them to a custom logon screen and not just show them the generic windows login window? I'm sorry if my question is basic...still trying to learn how .NET authentication works..
>
> Thanks in advance.

Redirecting anon users - Forms or Windows Authentication

Thread Tools

Display

Redirecting anon users - Forms or Windows Authentication

Similar Questions and Discussions

Solution to Forms Authentication redirecting to bogus default.aspx page with RedirectFromLoginPage

Forms Authentication - Not timing out, not redirecting.

Forms Authentication adding new users programatically

Windows and Forms Authentication

Forms authentication with Windows authentication

RE: Redirecting anon users - Forms or Windows Authentication

Posting Permissions