Net website using forms authentication that is going to be crawled by a Google Mini appliance for site search. The GMini is a bit old and apparently does not support crawling a site using forms authentication. Presumably Gmini doesn't persist the auth cookie, or perhaps it just doesn't understanf login forms.
Is there a way that I can persuade IIS/.Net to treat all requests from the IP address of the GMini as being already logged in as a specific user which has access to the secured content?
on global.asax you can use the Application_AuthenticateRequest and check if the user come from a list of ips, you loghim automatically as:
protected void Application_BeginRequest(Object sender, EventArgs e)
{
// check that is not all ready logged in.
if(HttpContext.Current.User == null || HttpContext.Current.User.Identity == null || !HttpContext.Current.User.Identity.IsAuthenticated)
{
// check if its on your Ip List, or check if(HttpContext.Current.Browser.Crawler)
if(ListWithPassIps.Contains(HttpContext.Current.Request.UserHostAddress))
{
FormsAuthentication.SetAuthCookie("[email protected]", true);
}
}
}
The issue that may have is that the crawlers did not save the cookie, but I think that this log him for at least that session. The "[email protected]" can be a user that you made to see the page you like.
You can also check if its request.Browser.Crawler and not by the ip that is more difficult to find the one of the major search engines.