问题
I'm currently trying to set up a website that uses both windows authentication and forms authentication. I am using ASP.NET MVC and both IIS6 and 7 need to be supported. How would I go about letting known AD users into the app (their AD id is stored against their user record in the application database) and directing everyone else to a standard username/password page.
回答1:
It seems the answer is no. We've had to set up 2 sites, the main application with forms authentication and a separate windows authenticated site which redirects to the forms site with a token which expires quickly telling the forms site that an authenticated user is incomming.
回答2:
What about the option using custom 401 redirect at IIS level outlined in this article
来源:https://stackoverflow.com/questions/1796798/mixing-windows-and-forms-authentication-in-asp-net-mvc