Hi,
I'm writing an application using forms authentication, and have
implemented roles-based authorization using custom Principal and
Identity classes. This is all working fine, but now the client wants to
bypass the forms authetication when an intranet user is accessing the
system from the internal netwrok - Internet users will still use the
login form.

Is there a clean way (or any way!) of accessing the NT user account
details when using forms authentication and anonymous access in IIS?

Any help is much appreciated ...

Graham

The easiest way would be to set up a mirror of the site that just uses
Windows authentication.

Then, if you can get your roles to be the same between both versions of the
application, they should both work without modification.  Alternately, you
might consider building a simple mapping via web.config for the actual role
names to use at runtime.  The Windows app would use the appropriate Windows
group names and the forms app would use the custom roles you've defined.

Another option would be to write an HttpModule that would map the Windows
groups to your custom roles and rewrite the custom IPrincipal to use the the
custom roles.

Any of those should work.  There are also some samples that people have
posted that show combining Windows and Forms auth in the same application,
but I think keeping them separate is actually a little easier.

Joe K.

Show quoteHide quote

Error instantiating RSACryptoServiceProvider
Error from CAS Config util
Newbie error on output
Running programs located on server
Custom IPrincipal and declarative security checking