What are the differences in considerations in respect to designing or developing an Intranet and an Internet application ?
Intranet Vs Internet Web application considerations
intranet
Related Solutions
Based on what your are describing, Windows Authentication in IIS will do the trick.
First some links:
- Technet as an article about the Windows Authentication in IIS here
- MSDN tells you how to use Windows Authentication with ASP.NET 2.0 applications here
However note the following:
Single sign-on (SSO) (i.e. accessing the application without providing a username and password) will occur if all the following are true:
- The client computer and the server are part of the same Active Directory domain.
- The user session on the client computer is a user from the AD domain.
- The client computer has access to a domain server (i.e. the server responsible for the user login)
- The browser is Internet Explorer.
- The URL used points to the FQDN of the server (i.e. http://SERVERNAME.DOMAIN.NAME/ not just http://SERVERNAME/
- The authorized users must have read access to the application directory if you are using impersonate. The application will be running with their credential basically. (more details in the MSDN article)
Under any other circumstances the user will be prompted for credential (username and password) for an account within the Active Directory Domain. So user accessing your webserver from the internet would get a popup asking them to provide a username and password.
Be advised that for user not using single signon (user being prompted for username and password) the HTTP authentication mode will most likely be BASIC which mean that anybody that can intercept that connection will be able to see the username and password being exchanged. If you go with this technique make that the connection between client and server is encrypted (HTTPS or maybe a VPN).
It is possible to override the compatibility mode in intranet.
For IIS, just add the below code to the web.config. Worked for me with IE9.
<system.webServer>
<httpProtocol>
<customHeaders>
<clear />
<add name="X-UA-Compatible" value="IE=edge" />
</customHeaders>
</httpProtocol>
</system.webServer>
Equivalent for Apache:
Header set X-UA-Compatible: IE=Edge
And for nginx:
add_header "X-UA-Compatible" "IE=Edge";
And for express.js:
res.set('X-UA-Compatible', 'IE=Edge')
Best Answer
One other thing, in an intranet environment you will generally have a standard client build meaning that you can code to a specific browser & version (ha, IE6 normally).
Out in the wilds of the internet, you have to deal with all sorts of browsers & versions, so your html/css/js needs to handle all of these.