I wasn't sure where to post this question so I settled on Extending Umbraco (Admins - feel free to move if more appropriate somewhere else).
I've created a small site that is just for internal use only. Everyone at my place of work gets to the internet via the same IP, so I would like to lock the site to that IP. This works fine via IIS, but I couldn't get it to work by adding a
What I would like to do in addition to this, is if a user wants to access the site from home, they can get in by authenticating against our AD.
I have used both the
Any help would be much appeciated!
So to recap, I'm looking to do the following:
If a user has the IP x.x.x.x, let them straight in with no authentication
If a user has a different IP, prompt for login and authenticate against AD
Is this access to the Umbraco backoffice or access to the site itself ?
I think you mean the actual site... so
Could you therefore protect the site with 'Public Access' in Umbraco and specify a login page, that has the form for supplying AD Username and password, that on submit, authenticates against the AD credentials and logs the user in as an Umbraco Member
And in tandem, have a 'rewrite' redirect rule in web.config to match the same login url, but with a condition clause so it is only matched when the {local_addr} matches your same IP pattern, the rewrite would send the user to another url that would login them in anonymously as an Umbraco Member...
but is there any concept of logged in member afterwards, eg displaying name or applications on the site ?
(caveat, just theorising here, not sure if that would work, actually in the past, I've either created a second Umbraco site in IIS, or plumbed in my own custom Membership provider to switch in for Umbraco Members and the more complex authentication logic)
It is indeed for the front end of the site. It's in essence just a load of information that I don't really want anyone externally looking at, but at the same time don't want to put a login box up as a barrier to stop people at the workplace just viewing the content.
I'm slightly baffled as to why it's so hard to do when years and years ago I had no problem doing it very easily with a htaccess file on an apache server. I just named the ips I wanted to allow, then told it the ldap string.
modifying my web.config
Hey,
I wasn't sure where to post this question so I settled on Extending Umbraco (Admins - feel free to move if more appropriate somewhere else).
I've created a small site that is just for internal use only. Everyone at my place of work gets to the internet via the same IP, so I would like to lock the site to that IP. This works fine via IIS, but I couldn't get it to work by adding a
What I would like to do in addition to this, is if a user wants to access the site from home, they can get in by authenticating against our AD.
I have used both the
Any help would be much appeciated!
So to recap, I'm looking to do the following:
Thanks,
Tom
Hey Tom
Is this access to the Umbraco backoffice or access to the site itself ?
I think you mean the actual site... so
Could you therefore protect the site with 'Public Access' in Umbraco and specify a login page, that has the form for supplying AD Username and password, that on submit, authenticates against the AD credentials and logs the user in as an Umbraco Member
And in tandem, have a 'rewrite' redirect rule in web.config to match the same login url, but with a condition clause so it is only matched when the {local_addr} matches your same IP pattern, the rewrite would send the user to another url that would login them in anonymously as an Umbraco Member...
but is there any concept of logged in member afterwards, eg displaying name or applications on the site ?
(caveat, just theorising here, not sure if that would work, actually in the past, I've either created a second Umbraco site in IIS, or plumbed in my own custom Membership provider to switch in for Umbraco Members and the more complex authentication logic)
Sounds great - I'll look into that. :)
It is indeed for the front end of the site. It's in essence just a load of information that I don't really want anyone externally looking at, but at the same time don't want to put a login box up as a barrier to stop people at the workplace just viewing the content.
I'm slightly baffled as to why it's so hard to do when years and years ago I had no problem doing it very easily with a htaccess file on an apache server. I just named the ips I wanted to allow, then told it the ldap string.
is working on a reply...