Using Windows Integrated Auth & Anonymous after jakarta redirect on IIS7

Question

I have an application we bought that I need to integrate, and it uses jakarta connection to get to the application from IIS.

So, the basic operation is:

1. user goes to the url
2. Gets redirected to the application
3. SSO is enabled, so redirected back to IIS for fetching of domain credentials
4. Back to application
5. If username is blank show login page, else let user in.

This is a simplification of all the steps, but the basic idea is here.

My difficulty is that I need both Windows Integrated Auth and anonymous on, as some users won't have credentials, and need to be prompted for a username/password.

I have looked at: http://stackoverflow.com/questions/2068546/iis-windows-authentication-before-anonymous already, but the user doesn't get to click on a link to decide. The application goes back to IIS looking for login.aspx and from there I want to either get their domain credentials or pass back to the application empty strings to signify that there are no credentials.

It seems this isn't going to be possible though as if anonymous is on it doesn't make the 401 request so the credentials aren't passed.

If I can't get this to work with just using an ASP.NET page, could it be done using an ISAPI filter, or a module?

UPDATE:

I found a possible solution, but I need to figure out how to get it to work, as my login page is on the JBoss server.

http://mvolo.com/blogs/serverside/archive/2008/02/11/IIS-7.0-Two_2D00_Level-Authentication-with-Forms-Authentication-and-Windows-Authentication.aspx

Answer 1

Hi,

Keep the Authentication in the IIS as the Anonymous.

When loading the home page check the ACTIVE DIRECTORY for the current logged in USERNAME if exist

provide the extra functionality to current user or else with fewer options.

Refer --> Active Directory Cheking