O'Reilly logo

Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB by Stefan Schackow, Bilal Haidar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

6.8. Using Forms Authentication Across Different Content Types

It has been mentioned several times throughout the book that one of the major advantages of running applications in the new IIS 7.0 integrated mode is the ability of ASP.NET runtime to process requests for non-ASP.NET resources. Added to this, the managed FormsAuthenticationModule is now integrated into IIS 7.0, which means that in addition to having the native authentication modules listed and registered inside IIS, you now have the managed FormsAuthenticationModule listed so that administrators or developers can enable/disable it the same way they enable/disable any other native authentication module.

Figure 6-5 shows the list of authentication modules listed inside the IIS 7.0 Manager tool.

Figure 6-5. Figure 6-5

There are some limitations on using the managed module. If the managed FormsAuthenticationModule is enabled, you cannot enable any other native authentication module. There is a workaround to this limitation to enable both the native WindowsAuthenticationModule and the managed FormsAuthenticationModule, which you can read more about at http://mvolo.com/blogs/serverside/archive/2008/02/11/IIS-7.0-Two_2D00_Level-Authentication-with-Forms-Authentication-and-Windows-Authentication.aspx. But as a rule. and without any workarounds, you cannot enable the manage FormsAuthenticationModule while enabling any other ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required