We are looking to create a web application that will be hosted for internal (AD Domain) and external use. Hosting provided by a Windows 2008 R2 server with IIS 7.5, connecting to a SQL 2008 server on the same domain. Delegation is neccessary for this application, as individual user activity within SQL is monitored. The delegation setup works well using Windows Authentication in IIS. The problem is, this isn't a very "nice" interface for anyone using the site external to our network - they are just presented with a generic logon pop-up box as soon as they come to the site. We would like to use forms authentication for our external users, so that they come to the site, see a page to log in, and based on their Active Directory credentials, are either granted access or not. The catch is, we still need delegation to work to our SQL server. Is this setup even possible? We've been working on it for nearly a year and are still coming up empty with everything we try.
Thank you for any assistance.