Asp.net MVC authentication using Form Based Versus Windows based

Question

I am trying to find the best authentication type for my asp.net MVC 4 web application. What my requirement is something MIX between form-based and windows-based.

1. The requirement is to allow the company employees to automatically login to the application if they already login to the company active directory.

2. If a company employee accesses the application from his own PC outside the company network, then he should also be able to login (but I think he should enter hi username and password).

3. Also we have external customers (that currently do not have an active directory username) , they also need to be able to access the mvc 4 web application.

So which approach I should set and implement for managing my asp.net MVC authentication ?, as I find that form-based alone will be able to achieve ONLY part of the requirements and same apply to windows-based ?

Best Regards

Answer 1

I had this scenario at a previous place of work.

Here's what I did:

Implement Forms Authentication, have your own custom table to store user's details. Have a property in the table to indicate whether it's an Active Directory account or not.

When someone logs in, if it's an Active Directory account, authenticate it with AD. If not, just authenticate it with what you have in your table.

As for signing up, you should allow someone to enter their AD credentials, authenticate with AD, then add them to your database. If they don't specify AD credentials, you should just add them as a user in your database and then set them as a non Active Directory user.