I need the ability to bypass the forms authentication login page when the
user requesting the protected page is running on our corporate network and
is also logged into the corporate domain. How do I do this?

Thanks,
Mike Ober.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnaspp/html/mixedsecurity.asp

[quoted text, click to view]

Thats not easily doable.

the easiest way is to provider two application entry points - one for non-domain
users, and a separate app for domain users that converts the windows account
details to a forms auth cookie.

another option is to modify the pipeline and inject some modules that "bypass"
forms auth - this needs some kind of indicator if windows auth should be
used or not - like an IP address range for domain users.

i described both approaches and trade offs in detail here - but feel free
to ask more questions:

http://www.microsoft.com/mspress/books/9989.asp

---
Dominick Baier, DevelopMentor
http://www.leastprivilege.com

[quoted text, click to view]