Is it possible to have a link that attempts windows integrated security authentication on one of my pages in an project where the web.config is set to Forms?
A:
The security mechanism would be dependent on the page/application that the link is pointing to, not on the link itself. Are you linking to a resource within the same project?
Note: This article describes the inherent problem and a potential solution.
mannish
2009-11-25 18:17:33
It's the entry page. where if for some reason the request came through without windows authentication, I would have a link that would attempt to correct the problem and authenticate them via windows. For authenticated users it would have a link to the next page in the app as appropriate for the particular user.
Maslow
2009-11-25 18:40:27
The problem is that you're trying to tell a Forms Auth app to attempt an authentication via Windows. A single ASP.NET app won't be able to do this without some difficulty. I've added a link to my answer that describes a possible solution, but it requires a secondary entry point that is a separate application using Windows Auth.
mannish
2009-11-25 21:30:17
I would think you could have a link that tried to AJAX load a method that is set to [Authorize] which would switch all future requests to use the already established Windows Authentication. Decorate the next level directory down so that all pages beyond that entry page are set to windows authentication?
Maslow
2010-01-08 16:46:27
A:
I think you could do it in a round about way - it wouldn't trigger the browser's internal Windows Authentication dialog, but you could still validate against a domain using LDAP - this question/answer might help.
cottsak
2009-11-26 07:39:10