I need help on authenticating users based on their location. The problem is this: If the users come to the web site out of domain then the user must fill a login page and the credentials he provided must be authenticated from a custom credential store. If the user is an Active Directory user, he must be directed to the resource he wants without asking for credentials.
If I enable both Anonymous Auth and Windows Auth for the web server, Anonymous Auth comes first and even the user is an Active Directory user I can’t access his domain information.
Anyone can help?
One way I know is to set a single page, like AdLogin.aspx, to deny anonymous users and have that page log them into the Forms Authenication module. You then have to create a custom 401 error page that redirects to your Forms login page from your AdLogin. The one thing I don’t like is that AD users try to login through the Forms login page all of the time, and it’s hard to bookmark the AdLogin page because it just does an automatic redirect. I also don’t like that it’s so dependent on a custom IIS configuration.
See my answered here for details: ASP.NET Application to authenticate to Active Directory or SQL via Windows Authentication or Forms Authentication