Important Announcement
This project is more of a proof of concept that makes mixed authentication appear as if its an external provider. I recommend using OWIN-MixedAuth, because its modular and works seamlessly with other authentication providers.
ASP.NET MVC 5 Mixed Authentication
Mixing Windows and Forms Authentication (Windows + Forms)
===========
Visual Studio Update 3
A new updated branch is available here. Also view this comparison for the list of changes required to add Mixed Authentication support.
How its done ?
The basic idea is to have a managed handler to perform windows authentication, then hand control over to the cookies authentication middleware.
It will appear as if its an external provider. Sample Screens
Running the solution locally
No special requirements! Visual Studio Express 2013 is all you need.
-
Clone the repository:
git clone [email protected]:MohammadYounes/MVC5-MixedAuth.git -
Open the solution using Visual Studio, build and run.
Enabling Windows Authentication on IIS Express.
-
From Solution Explorer, select MixedAuth project then press F4 to view Project Properties and Make sure "Windows Authentication" is enabled.
Importing AD Groups as Role Claims:
All AD groups asscociated with the user windows account are available when you hit the WindowsLogin Action, you can fetch all of them by iterating over Request.LogonUserIdentity.Groups:
private void MapGroupsToRoleClaims(ApplicationUser user)
{
foreach (var group in Request.LogonUserIdentity.Groups)
user.Claims.Add(new IdentityUserClaim()
{
ClaimType = ClaimTypes.Role,
ClaimValue = new SecurityIdentifier(group.Value)
.Translate(typeof(NTAccount)).Value
});
}Flowchart of the Windows Login / Link code flow (Contributed by @ComboFusion)
