Trouble allowing a 401 response through DNN, FormsAuthentication and MADAM not working
3/12/2015 5:40 AM
 

tl/dr: can I stop DNN from using Forms Authentication for some requests so 401 responses reach the client?

We have two websites that we want to share a domain name: one DNN 7.3 site and a .NET MVC style project. Each is in its own independent Site in IIS. The DNN site is bound to port 80 and the main domain name, with rewrite rules in the web.config that redirect requests to /api/* to the other Site. Using the advanced management UI from https://dnnurlmanagement.codeplex.com/ we have been able to stop the DNN Friendly URL module from intercepting requests, and get the web.config rewrite rules to work.

Unfortunately, when our API chooses to respond with 401 Unauthorized, for example when you try to log in with an invalid password, the 401 response is intercepted by the Forms Authentication HttpModule in DNN and changed to a 302 Found redirect to the login page.  This seems very well documented and led me to the MADAM library at https://msdn.microsoft.com/en-us/library/aa479391.aspx

It seems clear that the order of processing for typical unauthorized requests, e.g. to the Admin site in DNN when not logged on, is:

1/ Forms Authentication is enabled

2/ URL Authorization scheme decides if a request is to be served or denied, and may respond with 401.

3/ Forms Authentication intercepts this and turns the 401 into a 302 with Location header pointing to Login page.

MADAM promises to offer the ability to replace the normal Forms Authentication scheme with a more configurable option so you can decide when to perform step 3 above, and when not to.

We installed MADAM and carefully configured it to not use Forms Authentication for requests to api/* but are still getting 302 responses.  We looked at outbound rewrite rules, but they cannot change the response status code.

I see in the DNN site's web.config there are suspicious lines like:

    <configuration>
      <!-- register local configuration handlers -->
      <configSections>
        <sectionGroup name="dotnetnuke">
          <section name="authentication" requirePermission="false" type="DotNetNuke.Framework.Providers.ProviderConfigurationHandler, DotNetNuke" />

This makes me feel DNN may be completely taking over the Forms Authentication handling and MADAM has no chance to operate, but I cannot tell for sure.

Is it possible to get our 401 response returned to the client unaltered?  Is MADAM the right approach to use?

Thanks!

Nick
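
A check for the behaviour described in the post above, added here as an example and not part of the original post or of DNN: it requests an API path without following redirects and reports whether the 401 arrived intact or came back as a 302 to a login page. The stub server, the `/api/login` path and the `/Login?ReturnUrl=` redirect shape are constructed assumptions for the demo.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, quote, urlsplit

def classify(status, location):
    """Label one response to an unauthenticated API request."""
    if status == 401:
        return "401-passthrough"
    if status == 302 and location:
        # Assumption: the login redirect carries a ReturnUrl query parameter.
        keys = {k.lower() for k in parse_qs(urlsplit(location).query)}
        return "401-masked-as-login-redirect" if "returnurl" in keys else "other-redirect"
    return "unexpected-%d" % status

def probe(host, port, path):
    """Send one GET without following redirects and classify the raw response."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        resp.read()
        return classify(resp.status, resp.getheader("Location"))
    finally:
        conn.close()

def make_stub(mask_401):
    """Constructed local stand-in for the site: answers 401, or the 302 rewrite."""
    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            if mask_401:
                self.send_response(302)
                self.send_header("Location", "/Login?ReturnUrl=" + quote(self.path, safe=""))
            else:
                self.send_response(401)
            self.send_header("Content-Length", "0")
            self.end_headers()
        def log_message(self, *args):  # keep the demo quiet
            pass
    server = HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

if __name__ == "__main__":
    for mask in (True, False):
        stub = make_stub(mask)
        print(mask, probe("127.0.0.1", stub.server_port, "/api/login"))
        stub.shutdown()
        stub.server_close()
```

Pointing `probe` at the real host and an API path that should answer 401 gives a repeatable check to rerun after each configuration change.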
