Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Tom Cowling 144 posts 343 karma points
    Sep 01, 2015 @ 15:54
    Tom Cowling
    1

    modifying my web.config

    Hey,

    I wasn't sure where to post this question so I settled on Extending Umbraco (Admins - feel free to move if more appropriate somewhere else).

    I've created a small site that is just for internal use only. Everyone at my place of work gets to the internet via the same IP, so I would like to lock the site to that IP. This works fine via IIS, but I couldn't get it to work by adding a

    What I would like to do in addition to this, is if a user wants to access the site from home, they can get in by authenticating against our AD.

    I have used both the

    Any help would be much appeciated!

    So to recap, I'm looking to do the following:

    1. If a user has the IP x.x.x.x, let them straight in with no authentication
    2. If a user has a different IP, prompt for login and authenticate against AD

    Thanks,

    Tom

  • Marc Goodson 2155 posts 14406 karma points MVP 9x c-trib
    Sep 04, 2015 @ 21:32
    Marc Goodson
    0

    Hey Tom

    Is this access to the Umbraco backoffice or access to the site itself ?

    I think you mean the actual site... so

    Could you therefore protect the site with 'Public Access' in Umbraco and specify a login page, that has the form for supplying AD Username and password, that on submit, authenticates against the AD credentials and logs the user in as an Umbraco Member

    And in tandem, have a 'rewrite' redirect rule in web.config to match the same login url, but with a condition clause so it is only matched when the {local_addr} matches your same IP pattern, the rewrite would send the user to another url that would login them in anonymously as an Umbraco Member...

    but is there any concept of logged in member afterwards, eg displaying name or applications on the site ?

    (caveat, just theorising here, not sure if that would work, actually in the past, I've either created a second Umbraco site in IIS, or plumbed in my own custom Membership provider to switch in for Umbraco Members and the more complex authentication logic)

  • Tom Cowling 144 posts 343 karma points
    Sep 08, 2015 @ 16:15
    Tom Cowling
    0

    Sounds great - I'll look into that. :)

    It is indeed for the front end of the site. It's in essence just a load of information that I don't really want anyone externally looking at, but at the same time don't want to put a login box up as a barrier to stop people at the workplace just viewing the content.

    I'm slightly baffled as to why it's so hard to do when years and years ago I had no problem doing it very easily with a htaccess file on an apache server. I just named the ips I wanted to allow, then told it the ldap string.

Please Sign in or register to post replies

Write your reply to:

Draft