How to set up windows authentication just for a single route in ASP.NET MVC on iis6?

Question

I'm developing a web application and I need to mix Forms & Windows authentication together.

The approach which I selected is this: authentication method on all the web site has to be forms auth. There is a form page (~/home/Login) to login in via forms auth. The magic (and trouble) is that only one page (say ~/Home/WinLogin) has to have auth metod set up to be windows auth. This page is used to read HttpContext.User.Identity.Name to get the windows user name.

What I don't know is how to set up the win auth on iis6 for the one particular route?

The route looks like ~/Home.ashx/WinLogin. Ok, but what then? I tried to create a directory Home.ashx in the virtual directory and subdirectory WinLogin. But then ~/Home.ashx/Login (with the login form) stopped working.

Because on iis6 we have to use a ashx handler it seems that there is no other way how to do it instead of creating a ordinary web page ~/WinLogin.aspx that does the work. However I wanted to avoid that and use MVC only.

Just for info how to setup iis7: IIS 7.0 Server-Side blog It's not perfect (Mike Volodarsky had to create custom forms auth module), but it works.

Answer 1

You can't selectively set windows auth in IIS6 like you can in IIS7. You could however set the home.ashx to support anonymous and windows auth; replace the HttpContext.User property in the /Login case and use the windows principle in the /WinLogin case. However, you need to be careful that your code path allows for the case where you want them to use forms auth but they're presenting you with a windows principle identity and ignore that.