The Web Application is Windows authenticated but we also need to provide Forms authenticated access.
12 April 2005
When AnyView IDS was first installed Web Application security was configured to use Windows authentication. However, not all users can be Windows authenticated. Some external users such as customers and vendors need to have access to the AnyView IDS Web Application, and should be prompted to enter a login ID and password (Forms authentication).
AnyView IDS can be configured to support both Windows and Forms authentication. To do so it is necessary to create a second Web Application physical directory, and a second virtual directory in Internet Information Services (IIS). Different URLs are then used to access the Windows authenticated and the Forms authenticated Web Applications. Note that the content displayed in both Web Applications can be identical, and is determined by the security settings in the AnyView IDS Console.
The following steps outline the procedure for creating and configuring a Forms Authenticated Web Application, in a scenario in which a Windows authenticated Web Application already exists. The final objective is to provide both Windows and Forms authentication for our Web Application.
- Create an AnyView Login for the Forms authenticated user.
Launch the AnyView IDS Console. From the AnyView IDS Console:
1. Expand the 'Security' folder from the console navigation pane and right click on 'Logins'. Select 'Create New Login'.
2. In the 'General' tab of the 'Login Properties' window enter a login ID and password for the Forms authenticated user.
3. In the 'Datasource Access' tab assign datasource access and set the default datasource for the Forms authenticated user.
4. In the 'Roles' tab assign membership to one or more roles. Note that you may need to create a role first.
5. In the 'Profiles' tab you may wish to assign membership to a profile. Note that you may need to create a role first.
6. Finally, in the 'Console Security' you may choose to assign console administrator rights for this user.
- Create a second Web Application physical directory.
1. Using Windows Explorer navigate to the 'AnyView IDS' directory. In a default install this is C:\Program Files\Accountable Software Inc\AnyView IDS.
2. Make a copy of the 'Web Application' folder and paste it in this same directory. It will be pasted as 'Copy of Web Application'.
3. Rename 'Copy of Web Application' to something more meaningful, for example 'Web Application Forms Authentication'.
- Configure the Forms authenticated Web Application and create a second virtual directory.
1. Using Windows Explorer navigate to the AnyView IDS 'Setup' directory. In a default install this is C:\Program Files\Accountable Software Inc\AnyView IDS\Setup.
2. Launch the Web Application Setup window by double clicking on 'AccoutableSoftwareInc.AnyViewInstall.WebAppInstall.exe.
3. In the 'Virtual Directory' tab select your website, and enter a new Application Name. This application name will be the name of your virtual directory, and will be part of the URL for the Forms authenticated AnyView IDS web site, so use a meaningful name, for example 'AnyViewIDSForms'.
4. Still in the 'Virtual Directory' tab, enter the path to the Web Application physical directory created in (B) in the 'Local Path to Web Application Folder' field. Click 'Next'.
5. In the 'Authentication' tab select 'AnyView Login Form'. Click 'Next'.
6. In the 'Connection Information' tab enter the information required by the Web Application to connect to the AnyView IDS SQL Server. This connection information should be the same as the one entered during the first Web Application setup. Click 'Next'.
7. In the 'Installation' tab review your settings in the 'Installation Detail' field. If your settings are correct click 'Install' to create the second Virtual Directory (AnyViewIDSForms in our example) and to save the authentication and connection settings in the web.config file. Click 'Finish'.
In this example, the Forms authenticated web site can now be accessed at http://MyWebSite/AnyViewIDSForms. A login screen will prompt the user to enter a login and password.
Note that the settings for the original Windows authenticated Web Application have not been affected, and Windows authenticated users can continue accessing the Web Application exactly as they used to.