
asp.net security : Mixing Forms and Windows Security


Jerry C
6/26/2006 1:03:01 PM
This is a new post covering two previous posts:

"Unable to establish secure connection to Server" and "membership and
redirect of unauthenticated user"

Thank you for your replies.

I found an MSDN Library entry by the title of:
"Mixing Forms and Windows Security in ASP.NET" by Paul Wilson, January 2004

I have tried this code and it seems to sort of work except for several
problems.
First it is in C# and I am having trouble transferring it into VB.
In the line: "this.Request.Cookies[Global.ReturnUrl] == Null" when I change
it to VB "request.cookies(Global.ReturnUrl) is nothing" the Global.ReturnUrl
does not work. This may be that the code was written in an old version of
dotnet and I am trying to use it in VS2005. The converter removed the code
behind from the Global.aspx.

The other problem is when a non-Windows user accesses the winlogin page a
login popup shows, but when I cancel it the correct WebLogin page shows. How
can I get rid of the popup?



--
lukezhan NO[at]SPAM online.microsoft.com
6/27/2006 12:00:00 AM
Hello Jerry,

In VS.NET 2003, there is a class defined in Global.asax, so that we can use
Global.ReturnUrl to access a static member of the class. In VS.NET 2005,
there is no such class defined in Global.asax. To get around this, we can
simply use a static or hardcoded string instead.

For question 2, can you check in the IIS security setting, did you use
windows integrated authentication or Basic authentication?

Regards,

Luke Zhang
Microsoft Online Community Lead

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Jerry C
6/27/2006 8:56:02 AM
Luke,
Thanks for your reply. Did you find the code for this article?

I don’t think I need to fix the Global problem since I am using Membership
and forms auth. That will redirect the user to the defaultUrl.

I still am having the popup login box for the user with no credentials; they
should be redirected to the weblogin form without the popup. I can get it to
work correctly by setting IE tools.internet options. Security. Local
intranet.custom level.settings to anonymous login. I would like this to work
for all settings. If the user needs to set up the browser I could just as
easily tell them to use different pages, one for users with accounts and one
without.

I wonder if there is an article that addresses this problem using VS2005,
forms auth and membership.

Thanks

--
Jerry


lukezhan NO[at]SPAM online.microsoft.com
6/28/2006 12:00:00 AM
Hello Jerry,

Yes, I have downloaded the code and tested it on my side:

public class Global : System.Web.HttpApplication
{
    // Used as the cookie name in Request.Cookies[Global.ReturnUrl]
    public const string ReturnUrl = "MixedSecurity.ReturnUrl";
}

"Global.ReturnUrl" is actually a static string "MixedSecurity.ReturnUrl".

Regarding the question about the login box, I found this pops up before our
ASP.NET application is touched. The login box is raised by IE in the
conversation between IE and IIS. When a file (WinLogin.aspx in this case)
is set with integrated authentication, it will require the client IE to send
a Windows authenticated token. If it doesn't find the token, it will return an
error to IE and IE will pop up the login box for user account input. We
cannot control this from the server side. The only way is to set anonymous login
in the client IE as you mentioned, or we can tell the user to click the Cancel button
if they don't have a valid Windows account.

Regards,

Luke Zhang
Microsoft Online Community Lead

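Added example, not part of the thread and not the MSDN article's code: one way a WinLogin.aspx code-behind could turn the Windows account that IIS has already authenticated into a Forms ticket, which also shows why the popup cannot be suppressed from page code. It assumes Forms authentication mode in web.config, anonymous access disabled in IIS for WinLogin.aspx only, and WebLogin.aspx as the Forms login page; the class layout and the `AllowedDomain` value are hypothetical placeholders.

```csharp
using System;
using System.Web.Security;
using System.Web.UI;

// Hypothetical code-behind for WinLogin.aspx (VS2005 partial-class model).
public partial class WinLogin : Page
{
    // Placeholder: the only Windows domain whose accounts are accepted.
    private const string AllowedDomain = "EXAMPLE";

    protected void Page_Load(object sender, EventArgs e)
    {
        // IIS fills LOGON_USER only after integrated authentication succeeded.
        // When the browser sends no usable credentials, IIS answers 401 itself
        // and this method never runs, so the popup cannot be handled here.
        string account = Request.ServerVariables["LOGON_USER"];

        if (String.IsNullOrEmpty(account))
        {
            // Empty means the request came in anonymously (anonymous access
            // left enabled on this file): issue no ticket.
            Response.Redirect("~/WebLogin.aspx", true);
            return;
        }

        // Expected form is "DOMAIN\user"; anything else is treated as untrusted.
        int slash = account.IndexOf('\\');
        string domain = slash > 0 ? account.Substring(0, slash) : String.Empty;

        if (!String.Equals(domain, AllowedDomain, StringComparison.OrdinalIgnoreCase))
        {
            // Local machine accounts and foreign domains get no Forms ticket.
            Response.Redirect("~/WebLogin.aspx", true);
            return;
        }

        // Issue a session-only Forms ticket under the Windows account name and
        // return to ReturnUrl, or to defaultUrl when none was supplied.
        FormsAuthentication.RedirectFromLoginPage(account, false);
    }
}
```

Because the ticket is issued on the strength of LOGON_USER alone, WinLogin.aspx must never be reachable with anonymous access enabled; the empty-string check above is the guard for that misconfiguration.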