3

I'm working with an ASP.NET application that is currently used only from intranet. The authentication mode for it is integrated Windows security. I now have a requirement that a part of the system should be visible externally with Forms based authentication.

Is it possible to set up authentication in web.config in a way that access to one of the pages goes through Forms while the other pages use integrated auth? Can it be done using a single web.config or do I need a subfolder with its own web.config file?

I know I could create a separate application for the external part but that would mean moving common parts around which ideally I'd like to avoid.

Michał Drozdowicz
  • 1,232
  • 11
  • 30

2 Answers2

0

authentification-tag can be located only in Machine.config, Root-level Web.config, Application-level Web.config (source).

I suppose you should create new website in IIS for each authorization mode and add virtual directory that point to source code location. Every website should have custom web.config with authorization-settings.

vladimir
  • 13,428
  • 2
  • 44
  • 70
0

You can set two MembershipProvider to authenticate users using FormsAuthentication.

For instance, if you want your application to authenticate intranet users with ActiveDirectory, you will select your first MembersipProvider and for the others the second one (you can manage it simply in your login page).

http://msdn.microsoft.com/en-us/library/system.web.security.activedirectorymembershipprovider.aspx

Or you can implement your own MembershipProvider: http://msdn.microsoft.com/en-us/library/f1kyba5e.aspx

Amir Pournasserian
  • 1,600
  • 5
  • 22
  • 46