Hello,
I have a problem with client certificates authentication since I've migrate a project from .NET 3.5 to .NET 4.5. I have configure client certificate mapping for my site, it worked fine when my application was in .NET Framework 3.5. But from the moment I've pass it to .NET Framework 4.5, I can't have the form authentication working when client certificate mapping is enable.
The problem is when I try to authenticate in my application, it uses Windows Authentication instead of forms authentication to log in my application cause it uses the windows account attached to the certificate mapping to log in the application, which was not the case before. And then it doesn't recognize my differents roles in the application, so nothing work as expected.
My application is a MVC4 web application, I've migrate it from MVC3 to MVC4 at the same time I've migrate from .NET3.5 to .NET4.5. From this moment, authentication with client certificate mapping enable don't let me use forms authentication.
Here is the authentication configuration in web.config of my application :
<authentication mode="Forms">
<forms loginUrl="~/Account/LogOn" timeout="20" slidingExpiration="true" />
</authentication>
And here is the configuration of the site in appicationHost.config :
<location path="BSW_AJSwiss">
<system.webServer>
<security>
<access sslFlags="Ssl, SslNegotiateCert" />
<authentication>
<anonymousAuthentication enabled="false" />
<iisClientCertificateMappingAuthentication enabled="true">
<oneToOneMappings>
<add enabled="true" userName="BSW" password="[enc:AesProvider:JaidDgcHffnD8j4eNtPDV5PQ2DCbWvf7Rd+F3UwTJGfMW2adjFKpvTP86XeVyWDe:enc]" certificate="MIIEMTCCAxmgAwIBAgIKYSKTKgAAAAAAAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDEwdCU1czLUNBMB4XDTEzMDYyMDE0MTcwNFoXDTE4MDYyMDE0MjcwNFowgZYxCzAJBgNVBAYTAlZEMQ8wDQYDVQQIEwZTdWlzc2UxFTATBgNVBAcMDFByw6l2ZXJlbmdlczESMBAGA1UEChMJQWxlcGhsaW5lMQwwCgYDVQQLEwNEZXYxEDAOBgNVBAMTB0FKU3dpc3MxKzApBgkqhkiG9w0BCQEWHHF1ZW50aW4udmluY2VudEBhbGVwaGxpbmUuY2gwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbm0+sxD4+dfFkZymijG3PYBFyL0MM0vX767sV5ZxZElhgqmP5D+Jba8pXsT2SmR3tHIhWjF10ODVFe6ImowpoLgkUiiZi/Q07CB4FQvzpx8cfu4J5hwrhnWX7fv0hGcyuw/lme3dkTwUTdSf4wgd8O9iAR5Cq1X4mfhPIR2oStplfzl6FBF9Ko5gq9PM69OST4WeLKIysdVTjogDbOGIvt2TNKIf0gH4gono8ukL1wJ4ukwSQmxVtcBWCL/1PNOCmiJPIwiN5FNLhzQ2/dkbgbhzGnC596jCL+8zPLWcE0nf9CfFetmqKR85KD5ZFmBf1aEQhLpxCCLgh4Qet3dorAgMBAAGjggECMIH/MA4GA1UdDwEB/wQEAwIE8DATBgNVHSUEDDAKBggrBgEFBQcDAjAdBgNVHQ4EFgQUlOQ9ErAw1DzpBkmKBZ8hOvtqufIwHwYDVR0jBBgwFoAUM0huPt4GY3ejbvMFNplxNfdzACEwOQYDVR0fBDIwMDAuoCygKoYoZmlsZTovL0hvdXNpbmc1XzUvQ2VydEVucm9sbC9CU1czLUNBLmNybDBPBggrBgEFBQcBAQRDMEEwPwYIKwYBBQUHMAKGM2ZpbGU6Ly9Ib3VzaW5nNV81L0NlcnRFbnJvbGwvSG91c2luZzVfNV9CU1czLUNBLmNydDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQC+l8AZT+CG4IKTLl02Is6Bty6QRUhSKgKDS4rikrc+jg47bWOXvVfa9kZchPAUcfSkqzvc7ZobGiuCuSmOfcSc2DpovDiD62odvNTOYIMfS5ch6Rv0CVCiMLFqxJPIt1E3ZKKxLk+ateu2wyhqxZg/B7HIrDaaitWLgYjgdpjsxtwE6DTxE/ceUehPlgu4bR/8w8jWaRPaJdERSxdXevUKoVpQdkI4zAi5Qf9DIpkoae6XtmcjfRfuHnd9wlBwdGoCMOhUFYH9T3JbReeaZweCQtY655/jFgl+bspp8e654SF6cP6qTiAbS/6IRRLPAtu4tMqv8GVKPBe+4IyNfmcC"
/>
</oneToOneMappings>
</iisClientCertificateMappingAuthentication>
<windowsAuthentication enabled="false" />
</authentication>
</security>
</system.webServer>
</location>
The only solution for me now is to disable client certificate mapping, put "Ignore client certificates" in SSL settings and authorize anonymousAuthentication to let my users use the application.
It's now for two days that I'm searching a solution to this problem, I really need your help, please! :)