NTLM and .NET

[Tom]

Hi,

I would like to implement transparent sign-on on my website, available on
the internet.

1) For users within my company, I would like to use NTLM and have no prompt
for login/password

2) For users outside my company, I would like to authenticate them through a
form via a bespoke database lookup

Is this possible with IIS/.NET? Does this mean we have to use both NTLM and
anonymous authentication?

Would NTLM work even if IE security setting is set to "Automatic logon only
in Intranet zone"?

Thanks!

Tom

 

[Bruce Barker]

the easiest is to use ipaddress, one for the internet, one for the entranet.

on the logon form page, if the request comes from the entranet, and the nt
creditials are not set, send a 401, else use the nt credentials to login. if
not entranet, use standard form logic.

if you can not have two ipaddress, then you will use mask to determine
internal address.

-- bruce (sqlwork.com)

 

[Paul Glavich [MVP ASP.NET]]

I wrote this article which may help.

http://aspalliance.com/553