.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Post New Web Links

Differentiate between Windows Auth and Forms Auth users when authenticating against same AD with Sha

Posted By:      Posted Date: September 19, 2010    Points: 0   Category :SharePoint
I am currently working on a SharePoint 2010 project where the environment is setup with a SharePoint web application using claims based authentication. The web app is created on port 8081 using Windows Authentication for auth, and extended to port 80 using Forms Based Authentication.

The forms authentication provider is setup to use the same active directory as the windows auth based site, using the following entries in the application's web.config (the entries are in the central administration and security token service web.config files as well):

        <membership defaultProvider="i">
        <add name="i" type="Microsoft.SharePoint.Administration.Claims.SPClaimsAuthMembershipProvider, Microsoft.SharePoint, Version=, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
        <add name="FBA_AD_MP" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="ADFBAConnectionString" enableSearchMethods="true" attributeMapUsername="userPrincipalName" />

View Complete Post

More Related Resource Links

Forms based users being prompted for windows authentication login for My Sites photos in user lists

Here's an issue I didn't see coming for our forms based authentication users. 

We have a web application extended to an external url to handle forms based authentication for users outside of our domain. Our setup looks like this...

Internal Users/Windows Authentication - moss.domain.com
External Users/Forms Based - mossext.domain.com
My Site for Internal Users - mysites.domain.com

When our forms based users are accessing user lists, or discussion pages that display user pictures, they are getting a windows authentication login for our internal users (mysites.domain.com) who have populated their my site with personal photo.

How do we fix this? 

SQL changes from Mixed to Windows auth mode after SQL updates

We run a SQL 2005 cluster on Windows 2008 in Mixed authentication mode.  The last two times we have applied a SQL security patch, it automatically changed the auth mode from Mixed to Windows-only, taking our applications offline.  Most recently was today, when we applied KB970892. Can someone explain why this is happening and how we can prevent it?

Windows Auth Web App extended to FBA, and only one web app at a time is allowing SSL

I had a farm with about 6 web applications, all using SSL. I just created another web app and extended it to use FBA. I attach a self-signed cert until its ready for prod (in IIS 6 using SelfSSL.exe), both web apps have dedicated IP's, which set under the WebSite tab in the site's properties, as well as "Multiple SSL identities for this Web Site" and the host header is listed above that in "Multiple identities for this web site" and both are listed as having the https:// protocol in Alternate Access Mapping in Central Admin. Everything is set to use port 443, both in Sharepoint and in IIS. But only one of these two web apps will allow an SSL connection at the same time, I can get SSL to work on either one individually, but as soon as I can hit the site with https:// protocol, the other site stops working with SSL, yet can be hit with the http:// protocol. what gives? Thanks

Windows Auth - still showing login prompt in IE...

Hi, I'm trying to setup my IIS 7.0 MVC2 site but having problems. I want to use Integrated Security so that the app can obtain the user's credentials. We can then do a look-up of some AD groups to determine what they can do from that point onwards. The problem is - Every time we browse to the application, instead of navigating to our main page immediately, we get a login prompt provided by IE. I've read that we need to make sure that in the browser's Tools->Options->Advanced-> (Securiy-> ENable Windows Intagrated Security) must be checked - which it is on ALL 3 machines where I try this. The machines AND the server are all in the same domain. My config file states <authentication mode="Windows" /> and I've tried every combination for <identity...> and <authorization...> but to no avail. I can only get the "login" prompt to go away if I enable Anonymous Authentication - but then I can't detect the windows user or their group membership. What is causing the perpetual display of the login prompt - Its driving me mad ! Help...

what are valid client credentials in windows auth?

I just finished configuring a service to use net.tcp binding and use security mode of Transport with Windows creds.  Previously I had been using security mode none, but I'm trying to improve things. So this works for client computers that are members of my domain.  But when I try to launch the client on a computer using a local account login that is not a member of the domain, I get "The server has rejected the client credentials". In order for "Transport" mode "Windows" credentials to work, do all clients have to be run from domain authenticated workstations? How can I get my client to run from this non-domain computer?  Its on the same network, but not a member of the domain. -Ethan Nelson

ASP 4.0 and Custom SQL Server DB for Forms Auth


Hi, I have done some research and tried to find answers on how to integrate forms authentication with ASP.NET but all I can find is for 2.0. I don't mean to sound ignorant or annoying about it, but does anyone have a quick link to somewhere where I could find out how to integrate a custom SQL Server DB (with username, password, id, etc columns for user) with ASP.NET 4.0?

My application is actually a Silverlight Business Application where I am trying to log in/register users in a separate Database in a SQL Server 2008 engine.

If you don't have a link, but instead suggestions, anything would be much appreciated! Thanks,


ASP.NET Forms Auth - exclude "/" root from being authenticated


Hi All,

 We have a weird issue found during setting up a new Windows 2003 Server with IIS6.0 & ASP.NET 2.0, our site is built using ASP.NET forms authentication with general authorization to deny access to all users & allow explicitly to static, home pages etc, -- web.config setting for forms auth looking as below:

         <authentication mode="Forms">
            <forms name="appNameAuth" path="/" loginUrl="~/Pages/Users/Login.aspx" protection="All" timeout="60" defaultUrl="~/Pages/Inner.aspx">
            <deny users="?"/>

Issue is this:

If we access the site as http://localhost/default.aspx works fine & can view the home page of our website, but if we access using http://localhost/ - expect to view the default.aspx (as it's set as default document), but for some reason ASP.NET Forms Authentication thinks "/"

Problem with Sharepoint 2010 - Claims Auth - Windows Auth and FBA. consistent redirects back to "cho


We have sharepoint 2010 foundation site that we can successfully login with via IE, Firefox, Chrome both on the domain and externally with Claims Authentication with only Windows Auth type selected (NTLM).

Once we add FBA and use the default signin page, we can still login (we select Windows Auth from the dropdown) BUT it only works on the domain. When we try to access externally, the only browser that works is FireFox. Both Chrome and IE just constantly redirect back to the Choose Authentication dropdown screen.

We have tried for the last 2 days to sort this out. Has anyone else experience this? It looks like the default sign in page somehow doesn't set the cookie for IE and Chrome and just bounces us back to the sign in page...

Thanks for any info...

To clarify, we are not even using the FBA yet. We are trying to login only with the windows auth and domain accounts...

WCF Data Service as Forms Auth ASP Auth Source



I was wondering if it is possible to use a WCF Dataservice as the MemberShipProvider for a forms auth application. I have written code for a provider (below), but I do not know what to do as far as a connection string, or any other web.config properties. Please Help!!! Here is the code for my provider, anytime it says Odbc that is because I based this off of the custom Odbc provider on the msdn site. The only ACTUAL references to any odbc connection are in the comments:


using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Configuration;
using System.Collections.Specialized;
using System.Web.Security;
using System.Configuration.Provider;
using System.Configuration;
using System.Data.Odbc;
using System.Text;
using System.Diagnostics;
using System.Security.Cryptography;
using System.Data;
using nGreekApplication.Web.nGreekService;

namespace nGreekApplication.Web.Services
    public class nGreekProvider: MembershipProvider


hardcode windows auth- UN/PW


I know this is a poor idea, but it is meerly a starting point for me.

How can I hardcode  and pass the username / password information in an httpmodule (c#) for a windows based authentication app?

I.E i want to get to a site where i would normally need to enter username and password because authentication is set to windows, but i dont need to enter it because a httpmod is automatically passing the credentials along and i automatically get in.


MVC asp.net profile providor windows auth



 I have a MVC 2 application, that I setup with my SqlProfileProvider(setup with and already working with asp.net 2 apps)  for user profile.  I use Active Directory for my user makes with windows authentication but when I try to view the users profile setting I am getting "This property cannot be set for anonymous users."  My question is Why?   With MVC I call the command for 

httpContext.Current.User.Identity.Name and I get my domain/user name.  So I am not sure what step I am missing, is there something special i have to do for MVCX


iis 7 forms auth


I'm using iis7 with forms authentication. I attempt to login and sometimes it works and other times it does not. Any idea what is causing this to not properly?

<forms name="secureCookie" loginUrl="login.aspx"

/secure is the private folder. If I attempt to log in and it bounces back all I have to do is type in the path to the secure folder and it acknowledges me just fine. I don't understand why it is so up and down.

forms auth with AD


I've got one Web Application with multiple authentication providers. Problem, the forms auth site isn't seeing the AD user: testuser. It is looking at someother account. Why?

Two Authentication Methods
1. Windows - uses domain
2. Forms - uses domain - see web.config below


User Info per auth sites
1. mydomain\testuser --- windows auth site -- see my AD user
2. membershipadprovider:testuser --- forms auth site -- sees some other user -- not sure why

Web.Config for Forms Auth Site:
    <add name="ADConnectionString" connectionString="LDAP://mydomain.com/DC=mydomain,DC=com" />

  <clear />
  <!--<add key="MembershipADProvider" value="%" />-->

<authentication mode="Forms">
  <forms loginUrl="/_layouts/login.aspx" domain="" name=".ADAuthCookie" timeout="20" protection="All" />

<membership defaultProvider="MembershipADProvider">
  <add name="Me

WCF Windows Auth (NTLM) Problem when Client and Server are on the same machine


I have WCF service being hosted in IIS with windows auth enabled, it is running under NetworkService account .  I have a simple method on my WCF service which just reflects the identity of who is calling it.


public string RefelctIdentity()



return HttpContext.Current.User.Identity.Name;


I am using IIS to authenticate the user and pass me the WindowsPrincipal in the HTTP context.

I am consuming the WCF service witha client used in a WindowsService that is being run under the NetworkService account.  When the WindowsService.  When running b

MS JDBC (3.0) with Windows Auth from oSX or Linux

Is this even possbile: MS JDBC (3.0) with Windows Auth from oSX or Linux ? It works for other JDBC drivers (data direct, jTDS) but I am unable to find a solution using MS  JDBC. We're using advanced features of SQL Server that don't work right with the other drivers yet, MS JDBC does not seem to support windows auth from a non-windows client (the other drivers do).
Jeff Block t:@sqlDictum (http://www.twitter.com/sqlDictum)

Change in Windows Auth between SQL 2005 and SQL 2008, bug?


Since upgrading some clients to SQL 2008 I am running into a problem with laptops that are members of a domain and using Windows Authentication while not connected to the domain.

The users are receiving errors:

The Local Security Authority cannot be contacted
Cannot generate SSPI context


I see many write ups on this in the SQL Forums and other places on the Internet.


My question is, is this a bug? If I use osql.exe as a test there is a distinct difference between SQL 2008 and SQL 2005.

I can use osql.exe from 90\tools\binn (SQL 2005) with the following command while not connected to the domain and it connects to either my SQL 2005 or 2008 instance.

osql -E -S <server>\<instance>

However, the exact same command using osql.exe from 100\tools\binn (SQL 2008) fails and generates the errors above.

My application is receiving the same error. It is using a DSN-less ODBC connection.


This is running XP SP3 and SQL 2008 Express SP1.

I'm trying to determine if this is a bug that may be fixed or if it is just life now and I need to adjust.





Forms Auth ticket not sliding


I have a project the uses Forms authentication and Session. Session Timeout is set to 10 minutes, forms timeout is set to 8 minutes
On one page in the project, I don’t want the session or forms ticket to exipre at all. To accomplish this, I have a small hidden iframe (containing keepalive.aspx) at the bottom of the page at contains the tag

meta id="MetaRefresh" http-equiv

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend