I'm using forms authentication and launching a site from Visual Studio 2010. It is using the Visual Studio Development (web) Server and not IIS. The web.config has:\[code\]<authenticaion mode="Forms"> <forms name=".MyApp" protection="All" cookieless="UseCookies"/></authentication>\[/code\]The login page is using the ASP.NET login control. Before the user even logs in, I can see following:\[code\]HttpContext.Current.Request.LogonUserIdentity.AuthenticationType == "NTLM"HttpContext.Current.User.Identity == System.Security.Principal.GenericIdentityHttpContext.Current.User.Identity.AuthenticationType == "NTLM"\[/code\]This user seems to be authenticated as a local system user and not a web user. Doesn't this mean the user will always be authenticated, regardless if they logged into the site or not? How is a web user NTLM?
Why is web user authenticated through NTLM?
- Thread starter Scheel2
- Start date