Most suitable authentication method for our IIS web application

We are designing a .Net web application which will primarily used by employees.  We are Windows environment and we would like users who log into the domain not need to subsequently log into the site but instead the site reference the logged in user's AD group affiliation to enforce security.

Some users external to our LAN will also need to access the application.  If they are logged into their non-company PC we would like for them to be prompted for their AD credentials.

What is the best authentication for this?  Also, how can I set my development environment (Visual Studio 2013 Pro) up to emulate this?
canuckconsultingAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Trenton KnewOwner / Computer WhispererCommented:
I can't tell you exactly how to do it, but You should be able to use NTLM authentication, which would automatically log the person on if they are logged into a domain computer.  We use Passwordstate password manager and it uses this very method of authentication.  When I access it via a web browser, it never asks me for credentials if I'm myself logged into a domain computer, but people who are not authorized to use it get denied access.  Passwordstate runs on IIS and MSSQL, so I know it is possible.  I just can't give you more direction than that, unfortunately.
0
Trenton KnewOwner / Computer WhispererCommented:
the Default "Windows" authentication should do what you're looking for, no?

http://msdn.microsoft.com/en-us/library/134ec8tc(v=vs.90).aspx
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
canuckconsultingAuthor Commented:
Default "Windows" authentication with disabled anonymous access was the ticket.  Thanks!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft IIS Web Server

From novice to tech pro — start learning today.