I am about to start a new ASP.NET MVC5 project and I am planning the authentication / authorization requirements at present.
The client wants Windows authentication, to prevent their users having to remember another new password. The site is web facing, so the downside would be an ugly pop up box asking for their credentials when they are accessing it offsite. Worse yet, on mobile, this box would be a problem.
The Active Directory Authentication options from out of the box are new to me, but after some reading appear to be more about controlling roles and authorization through your AD groups. I intend to keep all authorization concerns internal to the application.
Ideally, users will have Window authentication but with a nice login page where they can select their domain from a dropdown box and enter their domain login credentials. From some reading I thought possibly ActiveDirectoryMembershipProvider is the answer. However with the new available options I want to be sure there is not other options before blindly taking this route.
Best Answer
Well, I found This which is cleanest i've found. I have confirmed the new OOTB options are not suited. This is just showig switching out form membership to use the AD Membership instead. You can then just clear out all the ApplicationUser stuff.