Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Mixed authentication for OWIN

I have two authenticate users in two ways:

  1. If they are an internal user we authenticate through Windows' active directory
  2. If they registered with the site they authenticate through Forms Authentication

In MVC 3/4 I was able to accomplish this by implementing a custom membership provider and custom role provider.

Is the same possible in MVC 5 using OWIN and Identity and how can it be done?

like image 785
James Sampica Avatar asked Jan 09 '14 19:01

James Sampica


People also ask

What is OWIN authentication middleware in ASP NET?

ASP.NET Identity Tutorial – OWIN Authentication Middleware The OWIN authentication middleware is used for authenticating users. In older ASP.NET Applications, we used Forms authentication module to authenticate the users into our application. When a user logs in his credentials are verified by querying the information from the data store.

What is a mixed mode authentication?

Show activity on this post. In essence a mixed mode is a forms authentication with a windows authentication entry point, once the user gets passed it, the normal forms authentication flow takes place. So for windows authentication to work, I have to rely on one of the provided hosts, either IIS or Self-host (System.Net.HttpListener).

What is the difference between forms authentication and OWIN authentication?

The OWIN authentication middleware replaces the Forms Authentication module. The OWIN authentication middleware can issue authentication cookies on its own or it can use the external logins like facebook, google, twitter etc to do that.

How to configureauth (app) from OWIN configuration?

Configuration method is where all the configuration related information of all our OWIN middleware must be added. Change the class definition to partial. Call the method ConfigureAuth (app) inside the Configuration in the startup.cs.


1 Answers

In essence a mixed mode is a forms authentication with a windows authentication entry point, once the user gets passed it, the normal forms authentication flow takes place.

Enabling Windows Authentication in Katana

Katana does not currently provide OWIN middleware for Windows Authentication, because this functionality is already available in the servers

So for windows authentication to work, I have to rely on one of the provided hosts, either IIS or Self-host (System.Net.HttpListener).

I made a solution that makes it look like an external provider, mapping windows identities as external logins.

Mixed Authentication

Source code : https://github.com/MohammadYounes/MVC5-MixedAuth

like image 104
MK. Avatar answered Oct 14 '22 00:10

MK.