I am having some problems figuring out a good way to
implement security that will comply with my sites
requirements. Here is the situation:

I need to allow anonymous connections to my site, but I
also need to automatically log people in using their AD
login information if it is present. Once they are
authenticated and I have their information I handle their
login state with sessions. So if they are not logged in,
they only get some content and if they are they get more.
Now to accomplish this task I allow anonymous
connections, but I check to see if my client is using IE
and is on the windows platform. If so, I create a hidden
I Frame that source is a file that only allows integrated
authentication. Now if the client successfully logs in
this way I refresh the main page and voowala, they get
the full content of the site. Now my problem occurs with
Windows clients that are on the network, but do not
have "Automatically Login" set in their security
preferences. These clients get the stupid grey prompt,
when I would just like them to be treated as if they were
anonymous and have a form along side of my page for them
to login with if they need to. Is there any possible way
to just redirect a user if the client doesn't allow an
automatic login? Or does anyone see a different way of
implementing this so that clients that can automatically
login do and others just see less content with a form to
login?

Sorry I didnt include some basic info:

IIS 6, ASP.net, Win 2003

Also if anyone knows if their is just a way to organize
which authentication happens 1st, then second, etc, I
could set integrated to try first, and if it fails just
use the annonymous login. That is the idea I started