I am developing an ASP.net web application for my company. Some users use this site in the internal network (Intranet) and some use the Internet site. I am using Windows Authentication mode.
I need to find a way to not prompt Windows Authentication mode for an Intranet user and prompt Windows Authentication mode for an Internet user.
How can I do this?
Based on what your are describing, Windows Authentication in IIS will do the trick.
First some links:
However note the following:
Single sign-on (SSO) (i.e. accessing the application without providing a username and password) will occur if all the following are true:
Under any other circumstances the user will be prompted for credential (username and password) for an account within the Active Directory Domain. So user accessing your webserver from the internet would get a popup asking them to provide a username and password.
Be advised that for user not using single signon (user being prompted for username and password) the HTTP authentication mode will most likely be BASIC which mean that anybody that can intercept that connection will be able to see the username and password being exchanged. If you go with this technique make that the connection between client and server is encrypted (HTTPS or maybe a VPN).