Mixing Windows Authentication with Forms Authentication

Consider a site used for an intranet which should also be accessible from the internet. On the intranet you want to use Windows Authentication and on the int开发者_StackOverflow社区ernet you want the users to access the site using forms authentication.

Is it possible to set up a mixed-mode with these two? I just want to validate that the user is logged in with either of them without using two sites.

You may want to look at a similar question: mixed mode authentication against AD and fallback to the database if it fail with Membership providers

In the answer I posit a solution using a facade. I have leveraged this approach to integrate AD on multiple domains, aspnet sql provider and a legacy authentication database with measurable success.

I know of no build-in way of doing this. But you can use a simple workaround:

Choose forms authentication as your primary authentication and map windows authentication to it. You can do so in the applications AuthenticateRequest using global.asax or a special http handler or module. Identify your intranet user in this request and set the forms authentication cookie using FormsAuthentication.SetAuthCookie programmatically.

I actually use this for a mixed mode forms and IP-Number authentication, but I think it would work for forms and windows auth too.

By the way: Maybe mixed mode forms and IP-Number authentication is a second solution for your problem. If your server is part of a DMZ you can detect your Intranet user by the IP number subnet.

Hei, I had seen this page talking about 2 level authentication with IIS7: IIS 7.0 Two-Level Authentication with Forms Authentication and Windows Authentication, and this other that has the same requirements as you: IIS mixed mode authentication for ASP.NET Applications -http://beaucrawford.net/post/IIS-ldquo3bmixed-moderdquo3b-authentication-for-ASPNET-Application.aspx, but I didn't try any, maybe it works for you? I guess you just have to adapt it for your needs.