MVC 4 ACS and Forms Authentication
Question
I have an MVC4 application with forms authentication. It is in production and working fine. We are looking into moving the authentication part to Azure Active Directory so we can authenticate users the the various resources through more than just a web ui. We can't get rid of the old accounts that were created since we still have active users, but we would like to add social logins(Google, Facebook, Yahoo!). We looked at ACS and it worked fine, but it forcing authentication for EVERYTHING. We have some pages that should be public and should not need authentication.
So, in short, the final result is to be able to authenticate users from any mentioned provider as well as the accounts that we already have(can be migrated to AD) and have public pages not require authentication. Similar to StackOverflow, where they use Google, Facebook, and their own.
Maybe my architecture is not right, so any suggestions are welcome!
Thanks in advanced.
2 answers
solution1
0 2014-04-22 06:39:50
Did you try AllowAnonymous Attribute in MVC 4,if not check here : http://blogs.msdn.com/b/rickandy/archive/2012/03/23/securing-your-asp-net-mvc-4-app-and-the-new-allowanonymous-attribute.aspx
Let us know if it helped, Happy Coding !!
solution2
0 2014-04-22 07:45:43
ACS doesn't "force" authentication, your mvc app does.
Check your global filters (they work like an [Authorize] attribute for your entire app), check your controllers and action methods for authentication logic / attributes, check your web.config "authorization" tags for "allow" and "deny" rules.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.