Discussion in 'ASP .Net' started by Tom, Jun 2, 2005.

  1. Tom

    Tom Guest


    I would like to implement transparent sign-on on my website, available on
    the internet.

    1) For users within my company, I would like to use NTLM and have no prompt
    for login/password

    2) For users outside my company, I would like to authenticate them through a
    form via a bespoke database lookup

    Is this possible with IIS/.NET? Does this mean we have to use both NTLM and
    anonymous authentication?

    Would NTLM work even if IE security setting is set to "Automatic logon only
    in Intranet zone"?


    Tom, Jun 2, 2005
    1. Advertisements

  2. Tom

    Bruce Barker Guest

    the easiest is to use ipaddress, one for the internet, one for the entranet.

    on the logon form page, if the request comes from the entranet, and the nt
    creditials are not set, send a 401, else use the nt credentials to login. if
    not entranet, use standard form logic.

    if you can not have two ipaddress, then you will use mask to determine
    internal address.

    -- bruce (sqlwork.com)
    Bruce Barker, Jun 2, 2005
    1. Advertisements

  3. Paul Glavich [MVP ASP.NET], Jun 6, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.