Want Forms and Windows authentication to work in combined mode

Question

I am working on application which a´has two types of users external user and internal user(domain user). Now for internal user should directly take users to landing page without asking for username and password. And for external user which are public it should display a form asking for username and password. So I am confused to proceed with such scenario.

Answer 1

I've done it a couple of times. I haven't used this, but there is a project called OWIN-MixedAuth that might help. Even if that doesn't work exactly as you want, it should give you an idea about how it can work.

There are 3 required things to make this work:

• Use Forms Authentication as the main authentication method for your site.
• Create one action that assumes Windows Authentication. It will look for a logged in Windows user and create the Forms authentication token.
• Add a <location> tag to your web.config that changes the authentication for that one action to Windows Authentication. This process is described here . You also need to unlock this feature as described here .

Those three points are the same as the OWIN-MixedAuth project (it sets up the action for you). This is where what I did it different:

• On your forms login page, I hide the username and password fields by default. In the background, I make an AJAX request to the Windows login action. If it succeeds, I forward the user to the home page or whatever page they wanted. If it failed, I show the username/password fields.