Turns out it is quite easy to allow your users to log on with their Active Directory usernames and passwords when you expose a .NET MVC application to the internet.
Either select the following option from the new project menu:
Or add the following change to the web.config file:
<authentication mode="Windows" />
Enable windows authentication in IIS:
And the result is I can now log on using my domain account details:
However there are the following limitations:
- After entering my password the browser (tried Chrome and Safari) did not give me the option to remember my password, although it kept me logged on even after closing and opening the browser, this time limit is controlled in a policy by the domain admin. (http://stackoverflow.com/questions/6923191/windows-authentication-session-timeout).
- On first look it appears that you cannot specify a domain, it will use the domain of the web server so we need to make sure the web server is on the domain that we want to authenticate against.