I have an application we bought that I need to integrate, and it uses jakarta connection to get to the application from IIS.

So, the basic operation is:

1. user goes to the url
2. Gets redirected to the application
3. SSO is enabled, so redirected back to IIS for fetching of domain credentials
4. Back to application
5. If username is blank show login page, else let user in.

This is a simplification of all the steps, but the basic idea is here.

My difficulty is that I need both Windows Integrated Auth and anonymous on, as some users won't have credentials, and need to be prompted for a username/password.

I have looked at: http://stackoverflow.com/questions/2068546/iis-windows-authentication-before-anonymous already, but the user doesn't get to click on a link to decide. The application goes back to IIS looking for login.aspx and from there I want to either get their domain credentials or pass back to the application empty strings to signify that there are no credentials.

It seems this isn't going to be possible though as if anonymous is on it doesn't make the 401 request so the credentials aren't passed.

If I can't get this to work with just using an ASP page, could it be done using an ISAPI filter, or a module?