Intranet Site and Public Internet Site on same instance of Umbraco with Windows Authentication
Hello,
I'm trying to setup both my Intranet site and my public facing website on the same instance of umbraco. For the intranet site, it is required to have Windows authentication. Forms authentication is not an option in this case.
I've managed to setup everthing properly for the intranet side and was even able to add the public facing website properly by setting up up the "Culture and Hostnames" inside umbraco.
However, I would always be prompt for a "Windows Authentication" login, regardless if i'm on the public website or on the intranet, because windows authentication is turned on in IIS. It works great for the Intranet, however, not good for public side.
My question is, is it possible to run both the Intranet and Public website on the same instance of Umbraco, with Windows authentication turned on? Is so, could someone please point me to the right direction.
It's possible but can be a little fiddly. In order to get your Umbraco solution using mixed mode authentication, I would recommend reading this blog post which describes how to do so.
In summary, you should enable forms authentication and disable windows authentication for the whole site. You'll then need to create a WinLogin.aspx page in the root of your site which has windows authentication enabled using the location configuration element in web.config. For example, while using the blog post above, you would have configuration like the following:
This will allow your WinLogin.aspx page to handle windows authentication.
In order to detect a windows login for local users, your login page will need to detect which type of authentication to use. If forms authentication should be used, it should display the login page. If windows authentication should be used, your login page should redirect to WinLogin.aspx so that windows authentication can be used.
How do you detect this you might ask? Well, the only way I've found is to test a local url client side on your login page. If the client's browser can see the url, we know the user should be able to login via windows authentication and should be redirected to your WinLogin.aspx page. If the client's browser cannot see the url, we know the user should use forms authentication to login so we redirect the user back to the login page but with a query string parameter to stop any loop. For example, /login/?cmd=forms. On our login page, we display the actual login form if the query parameter is present.
I hope that helps in your quest for mixed mode authentication.
I am also having similar problems. Is Dan's solution working for you?
How do you add authorization rules to the windows authentication for WinLogin.aspx ?
Intranet Site and Public Internet Site on same instance of Umbraco with Windows Authentication
Hello,
I'm trying to setup both my Intranet site and my public facing website on the same instance of umbraco. For the intranet site, it is required to have Windows authentication. Forms authentication is not an option in this case.
I've managed to setup everthing properly for the intranet side and was even able to add the public facing website properly by setting up up the "Culture and Hostnames" inside umbraco.
However, I would always be prompt for a "Windows Authentication" login, regardless if i'm on the public website or on the intranet, because windows authentication is turned on in IIS. It works great for the Intranet, however, not good for public side.
My question is, is it possible to run both the Intranet and Public website on the same instance of Umbraco, with Windows authentication turned on? Is so, could someone please point me to the right direction.
Thanks,
Ryan
Hey Ryan,
It's possible but can be a little fiddly. In order to get your Umbraco solution using mixed mode authentication, I would recommend reading this blog post which describes how to do so.
In summary, you should enable forms authentication and disable windows authentication for the whole site. You'll then need to create a
WinLogin.aspx
page in the root of your site which has windows authentication enabled using thelocation
configuration element inweb.config
. For example, while using the blog post above, you would have configuration like the following:This will allow your
WinLogin.aspx
page to handle windows authentication.In order to detect a windows login for local users, your login page will need to detect which type of authentication to use. If forms authentication should be used, it should display the login page. If windows authentication should be used, your login page should redirect to
WinLogin.aspx
so that windows authentication can be used.How do you detect this you might ask? Well, the only way I've found is to test a local url client side on your login page. If the client's browser can see the url, we know the user should be able to login via windows authentication and should be redirected to your
WinLogin.aspx
page. If the client's browser cannot see the url, we know the user should use forms authentication to login so we redirect the user back to the login page but with a query string parameter to stop any loop. For example,/login/?cmd=forms
. On our login page, we display the actual login form if the query parameter is present.I hope that helps in your quest for mixed mode authentication.
Thanks, Dan.
Wow Dan, thanks, this is exactly what i'm looking for. Thanks a lot!!
Once again, Thanks for your help
Thanks
Ryan
No problem. Glad I could help Ryan. Don't forget to mark the post as the answer if it answered your question :)
Thanks, Dan.
Hi Ryan,
I am also having similar problems. Is Dan's solution working for you? How do you add authorization rules to the windows authentication for WinLogin.aspx ?
Thank you!
Suichao
is working on a reply...