Mixing Forms authentication with Windows authentication

by

Actually, you can do it. Bit late for @dr_draik, but this cropped up in a google result for me so I thought I’d share some knowledge.

If you’re in classic mode – Enable both Windows and Forms auth. You’ll get a warning about not being able to do both at once, but you can ignore it. Then, you can spelunk around various properties like
Code:

HttpContext.Current.Request.ServerVariables["LOGON_USER"]

and fish the username out of there.

If you’re in integrated mode – 4021905 IIS7 Challenge-based and login redirect-based authentication cannot be used simultaneiously leads to IIS 7.0 Two-Level Authentication with Forms Authentication and Windows Authentication which is a module that allows you to selectively change the auth for different pages.

More Related Contents:

  1. Receiving login prompt using integrated windows authentication
  2. IIS7 folder permissions for web application
  3. Forms Authentication Ignoring Default Document
  4. Impersonate using Forms Authentication
  5. ASP.NET MVC – Set custom IIdentity or IPrincipal
  6. Can some hacker steal a web browser cookie from a user and login with that name on a web site?
  7. Avoid web.config inheritance in child web application using inheritInChildApplications
  8. IIS 500.19 with 0x80070005 The requested page cannot be accessed because the related configuration data for the page is invalid error
  9. IIS7 Cache-Control
  10. How do I protect static files with ASP.NET form authentication on IIS 7.5?
  11. IIS7 Overrides customErrors when setting Response.StatusCode?
  12. Difference between and ?
  13. X-Frame-Options Allow-From multiple domains
  14. Asp.net forms authentication and multiple domains
  15. Global ASAX – get the server name
  16. Mailbox unavailable. The server response was: 5.7.1 Unable to relay for [email protected] [closed]
  17. HTTP Error 500.19 – Internal Server Error
  18. Login failed for user ‘NT AUTHORITY\NETWORK SERVICE’
  19. Hosting ASP.NET in IIS7 gives Access is denied?
  20. What do I need to change to allow my IIS7 ASP.Net 3.5 application to create an event source and log events to Windows EventLog?
  21. Removing/Hiding/Disabling excessive HTTP response headers in Azure/IIS7 without UrlScan
  22. double escape sequence inside a url : The request filtering module is configured to deny a request that contains a double escape sequence
  23. IIS7 – The request filtering module is configured to deny a request that exceeds the request content length
  24. What does ‘IISReset’ do?
  25. The configuration section ‘system.web.extensions’ cannot be read because it is missing a section declaration
  26. Unrecognized attribute ‘targetFramework’. Note that attribute names are case-sensitive
  27. Forms authentication: disable redirect to the login page
  28. Can I change the FormsAuthentication cookie name?
  29. ASP.NET session state and multiple worker processes
  30. Different users get the same cookie – value in .ASPXANONYMOUS

Leave a Comment