Reputation: 589
Question on Federated Authentication using Windows Identity Foundation
I am developing an Asp.Net MVC website using Windows Identity Foundation and STS website for authentication. it works fine as whenever a user tries to access a URL, it redirects to STS website if that session is not authenticated.
Now I want to add a page in the application which should be available without authenticating into the site. But I am unable to do that. I tried giving the following in web.config. Still it gets redirected to the STS website. Here i want to allow anonymous access to "Public" controller and all its actions.
<location path="Public">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
It will be great if somebody can guide me with the solution.
Thanks
Upvotes: 2
Views: 1309
Answers (2)
Reputation: 14212
Take a look at this sample app. We ended up disabling the automatic redirect and controlling that ourselves.
More details on how it works here.
Upvotes: 0
Reputation: 2714
NOTE: I realize I'm about a year late with this answer, but I wanted to document it for future reference.
The asterisk (*) in the users attribute refers to all authenticated users. To allow anonymous or unauthenticated users, a question mark (?) should be used as shown below.
<location path="Public">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
Upvotes: 0
Related Questions
- ASP.NET MVC 2 and authentication using WIF (Windows Identity Foundation)
- Windows Identity Foundation sample MVC application
- WS-Federation claims authentication (MVC.Net)
- Federated authentication from ASP.NET MVC to SharePoint
- Federated Authentication on Azure
- WsFederation and local user mixed authentication
- Implementing Federated security using Thinktecture IdentityServer v2
- ASP.NET multiple federated identity providers
- Federated claims-based authentication and single sign-on
- Implementing an Identity Provider