I am trying to create a MVC5 web application that partially uses Windows Auth.
What I have in mind is that it efficiently generates cookie-based auth, but with a requesting Windows user that is part of his login credentials.
For example, the login page will say: "You have been identified as somedomain \ kierenj . Enter the secret code to log in." If they enter the correct code, the cookie is set and they are logged in.
If Windows auth fails, the login page will still appear, but it will be disabled.
I experimented with WindowsPrincipalHanlder as follows: https://github.com/JabbR/JabbR/blob/master/JabbR/Middleware/WindowsPrincipalHandler.cs
Its essence is that if I turn on Windows authentication and turn off anonymous authentication, then Owin (or, presumably, part of its cookie) redirects to the login page, which redirects to the login page - this is a redirect cycle.
Note. I am using a very simplified Owin installation. UseCookieAuthentication with type ApplicationCookie and a LoginPath ; then I call SignIn like this from my account controller:
var claims = new[] { new Claim(ClaimTypes.Name, "Username"), new Claim(ClaimTypes.Role, "AuthenticatedUser") }; AuthenticationManager.SignIn(new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie));
(first checking out WindowsIdentity.GetCurrent() )
Do I need to write my own Owin cookie middleware version? Can I get a source so that I can debug / output?