I have a MVC3 website that right now uses Forms Authentication and it functioning great. The site requires client internet users to have a log in that we provide. In addition, I have a few internal user accounts for site administration.
I’m considering creating a second intranet site that the network users can navigate to that will authenticate them using Windows Authentication. I’d like to then map the Windows User to one of the internal user accounts mentioned above. Once authenticated and mapped, I’d like to redirect them from this intranet site to the internet site with the log in I just mapped to them.
I’ve tried some of the mixed Windows/Forms Authentication solutions out there, but they don’t work with MVC3 and IIS7 as most of them were pretty much hacks that don’t really apply to the later technologies.
I’m wondering if this is a worthwhile attempt before going down this road?
If so…
How can I redirect and pass the login to the internet site from the intranet site?
Thanks in advance,
Jeff
Here’s one way:
If you have 2 sites:
http://www.mywebsite.com and intranet.mywebsite.com
On the internet site (after Windows Authentication has identified the user), use the FormsAuthentication API to set a FormsAuthentication cookie that will then be valid on the external site.
After the FormsAuthentication cookie is set, the external site will see the user as being logged in just the same way as if they logged in using FormsAuthentication on the external site.
P.S. Also make sure that KB2416472 is installed on all machines (its a Forms Authentication vulnerability update)