I am building a ASP.NET MVC 5 Web Application which should be used by corporate users. When they are inside the corporate Network the should be authenticated automatically by Windows Authentication. When they call the application from outside the corporate Network from lets say a mobile phone, they should be redirected to a logon page where they can authenticate against active Directory. I've tried different things, but haven't been successfully so far. The last thing I tried was to create an authentication filter with the following configuration:
Web Application setting in IIS: Authentication = Windows Authentication Web.Config Setting: authentication mode = Windows
From inside the Network this works fine. But when I try to authenticate from outside I get the authentication request before the AuthenticationFilter was hit.
In the second try I tried the following Settings:
Web Application setting in IIS: Authentication = Windows Authentication + Anonymous Web.Config Setting: authentication mode = Windows
With this Setting when I call the site from inside the Network the AuthenticationFilter gets hit twice. The first time with anonymous authentication, the second time with the real user I am logged in with.
Is there a way to configure the order authentication happens or any other way to get both Scenarios handled?
