Open Closed

Windows AND anonymous authentication #6236

peabaw created

Hello there

I have some problems getting Windows AND anonymous authentication to work. The login process is supposed to be like this:

  1. The user go to the angular site login. It should start an automatic AD/LDAP login process (as described at
  2. If successful AD login, the user gets in.
  3. If unsuccessful, the user should return to the login page and be able to login using username and password as normal.

I have gotten some of this to work but when both Anonymous and Windows autentication is active in IIS, the User.Identity.IsAuthenticated is always false making LDAP login always unsuccessful.

I have changed the API web.config attribute forwardWindowsAuthToken="true".

I'm quite new to both IIS with .Net Core and especially Angluar, so any tips would be greatly appreciated!

Best regards // Andreas

6 Answer(s)
  • 0
    peabaw created

    I tried and added [Authorized] before the Authenticate method:

    [Authorize] public async Task

    I now get a populated User.Identity, but it now however fails with "Authorization.Users.UserManager - Invalid password for user X." so I guess something else has gone wrong now.

    Am I doing it the right way or should I completely change approach?

  • 0
    ismcagdas created

    Hi @peabaw

    Sorry for our late response. Have you found a way to do this ?

  • 0
    peabaw created

    Hi @ismcagdas

    Unfortunately no. I think the AlwaysTrueExternalAuthSource method will not work on a site with both Windows Auth and Anonymous access. I think it will only work on a site with only Windows Auth. In the db the source is AlwaysTrueExternalAuthSource instead of LDAP which might cause the password error as well.

    What I want to do seems to be a special case (thought it would be a common scenario for an entreprise solution to allow local user access and forms login for external users but I seem to be wrong).

    I do not have a good lead going forward or any reserve backup plan though. Any tips would therefore be very appreciated!

  • 0
    ismcagdas created


    We might offer you a solution for MVC but we don't have a suggestion for implementing such an hybrid approach for Angular app.

    I think it will be better to search it on the web.

  • 0
    peabaw created


    Thank you for all help. Might I just bother you to explain why it might be possible with MVC but not possible with Angular? It might help give me a clue.

  • 0
    alper created