OWIN middleware implementation mixing Windows and Forms Authentication.
Install with NuGet
PM> Install-Package OWIN-MixedAuth
Before running the samples, make sure to unlock windowsAuthentication section:
- Open IIS Manager, select the server node, then Feature Delegation.
- Set
Authentication - WindowstoRead/Write
- Open applicationhost.config located at $:\Users{username}\Documents\IISExpress\config
- Search for
windowsAuthenticationsection and updateoverrideModeDefaultvalue toAllow.
<section name="windowsAuthentication" overrideModeDefault="Allow" />-
Add reference to
MohammadYounes.Owin.Security.MixedAuth.dll -
Register
MixedAuthin Global.asax
//add using statement
using MohammadYounes.Owin.Security.MixedAuth;
public class MyWebApplication : HttpApplication
{
//ctor
public MyWebApplication()
{
//register MixedAuth
this.RegisterMixedAuth();
}
.
.
.
}- Use
MixedAuthin Startup.Auth.cs
//Enable Mixed Authentication
//As we are using LogonUserIdentity, its required to run in PipelineStage.PostAuthenticate
//Register this after any middleware that uses stage marker PipelineStage.Authenticate
app.UseMixedAuth(cookieOptions);Important! MixedAuth is required to run in PipelineStage.PostAuthenticate, make sure the use statement is after any other middleware that uses PipelineStage.Authenticate. See OWIN Middleware in the IIS integrated pipeline.
- Enable Windows authentication in Web.config
<!-- Enable Mixed Auth -->
<location path="MixedAuth">
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
</location>Important! Enabling windows authentication for a sub path requires windowsAuthentication section to be unlocked at a parent level.

