4.2 Windows Authentication
Is this supported in 4.2?
Hi Matt Froese,
Windows Authentication is still not supported in Sitefinity 4.x - we are working on it but the task will not be accomplished soon as it requires more attention.
Regards,
Victor Velev
the Telerik team
Thank you.
Is it on the Roadmap? When can we expect it to be implemented?
Also, is there any way to get the Front End to use Windows Authentication while still using Forms authentication for the backend?
Hi Matt Froese,
The feature is not on the Roadmap yet because we have quite a lot of work to do in this area and cannot provide you with an exact date.
Enabling Windows Authentication to get the front end will break the backend pages and they will not be useable, so I strongly do not recommend that.
All the best,
Victor Velev
the Telerik team
We have the same need as Matt's.
Our new Intranet site can only be viewed by our internal group. Our group has an Active Directory domain, and all users belong to this domain can view all frontend pages (of course we will need to set view all pages under "Permissions for all pages" for a sitefinity role which a domain users group). A pass-through or Windows Authentication integration is a must since we do not want users to login again (one to their computer, one to sitefinity to view pages). We are scheduled to deploy the end of the month. Is there any other solution for now that we can implement?
Can you do something with the default authentication to set it to LDAP/AD, then take user's AD credential and pass it to sitefinity so they do not have to login again to view all pages.
Any help would be greatly appreciated.
Thanks,
Norman
I've seen dual authentication modes implemented in ASP.NET before.
It involves the front end redirecting the user to a folder with windows auth turned on. If the user authenticates it sets the forms authentication cookie, if not, it redirects to a login page.
The question is how to get Sitefinity to redirect a user to a page if they are not authenticated.
If we can somehow hook into the Forms Authentication login and set the ticket like you describe below, that would work for me along with a custom membership and role provider.
Or, couldn't we just do this in the Custom Membership and Role Provider authorization check... if user is Windows Authenticated on domain then the membership provider will return 'true'