Windows AND anonymous authentication #6236
I have some problems getting Windows AND anonymous authentication to work. The login process is supposed to be like this:
- The user go to the angular site login. It should start an automatic AD/LDAP login process (as described at https://support.aspnetzero.com/QA/Questions/5370).
- If successful AD login, the user gets in.
- If unsuccessful, the user should return to the login page and be able to login using username and password as normal.
I have gotten some of this to work but when both Anonymous and Windows autentication is active in IIS, the User.Identity.IsAuthenticated is always false making LDAP login always unsuccessful.
I have changed the API web.config attribute forwardWindowsAuthToken="true".
I'm quite new to both IIS with .Net Core and especially Angluar, so any tips would be greatly appreciated!
Best regards // Andreas
I tried and added [Authorized] before the Authenticate method:
[Authorize] public async Task
I now get a populated User.Identity, but it now however fails with "Authorization.Users.UserManager - Invalid password for user X." so I guess something else has gone wrong now.
Am I doing it the right way or should I completely change approach?
Unfortunately no. I think the AlwaysTrueExternalAuthSource method will not work on a site with both Windows Auth and Anonymous access. I think it will only work on a site with only Windows Auth. In the db the source is AlwaysTrueExternalAuthSource instead of LDAP which might cause the password error as well.
What I want to do seems to be a special case (thought it would be a common scenario for an entreprise solution to allow local user access and forms login for external users but I seem to be wrong).
I do not have a good lead going forward or any reserve backup plan though. Any tips would therefore be very appreciated!