I forgot to respond to the second part of your question (regarding integrated authentication). Integrated authentication as of this version of Sitefinity seems to be a second-class citizen, but I've made it mostly work. We are looking at authentication two different ways. One is using the ASP.NET SQL membership provider (the default for sitefinity) and the other is using the active directory provider. Using the SQL memebership provider seems to be the best option if there ever will be an instance where you can't use integrated authentication (for example, a disaster recover site that you'd prefer logging in automatically, but don't want to be dependent on active directory in case it goes down, or if non-ad users have to log in). On the other hand, if ONLY active directory users will ever log in, you can change to the AD provider. There is a
help page that gives some info about the ad providers. The role provider documentation seems good, but it seems light on the membership provider info (maybe i'm just missing it though). If you have any questions about setting those up, just ask and I'll try to pull out an example. I'd take a pause at this point and make sure that the membership provider work as you'd expect it to by logging into the login page with your AD credentials.
Once you know that the providers are working, we can start on the auto-login functionality. Important thing to keep in mind from this point on is that this will not work in IIS 7+ with the Integrated Pipeline because you CANNOT use two different authencation methods in one site. This has to be one of the stupidest restrictions in IIS 7+. So, I know you're using XP now, so this is nothing you have to worry about, but when you move to a server OS, keep in mind that you will have to use the classic pipline (this is set in the app pools settings). Ok, now, back to the steps. If you previously turned on integrated authentication for the whole site, turn it off. You want anonymous access only set. I'm sure that you know that the login page is sitefinity/login.aspx. Create two new files in the sitefinity directory, AutoLogin.aspx and AutoLogin.aspx.cs. If you're using Visual Studio as your IDE, just create a new page called AutoLogin.aspx and it will create the cs file automatically. The ASPX have nothing of value in it. Just the basic template:
The codebehind is where the magic is done:
You will need to make one change to this code. On line 17, replace YOURDOMAINHERE with the name of your company's domain. Do not remove the two slashes at the end. Now, in IIS, for THIS PAGE ONLY, disable anonymous access and enable integrated authentication. Now, you have two options on how to make this work. If you want people to be able to log in both manually and automatically, add a link on Login.aspx to AutoLogin.aspx that they can click to avoid having to type in their credentials. Alternatively, if you never need to log in manually, edit Login.aspx.cs and add
as the first line within the Page_Load function. This will automatically redirect them to the autologin page. If in the future you want both manual and auto login, just remove this line.
Please tell me if you have any questions. I figured this out through trial and error, so this may to be the 100% best way, but it seems to work for us. Telerik, please tell me if there is a better way to do this or if my code has any problems. Thanks!
-Keith