Hey,
I have built our company intranet (.NET 4.5) which allows users to upload documents. They can then share these documents by a simple 'Share via email' button, which is a simple mailto: link, using an 'encrypted' link; each uploaded file has a unique ID (SQL) and the link contain this unique ID, which is checked in a SQL db and the actual file is offered up.
All file access is logged - creating, deleting, restoring and retrieving. I'm currently using Integrated Windows Authentication (IWA), and the currently logged in user is written to an Access_By column in the DB.
In terms of retrieving documents, I would like to open up the 'Share via email' feature to external (non domain user) recipients. Obviously this won't work because they won't be authenticated so it will fail.
Is it just a case of enabling Anonymous authentication - would this still use IWA for domain users?
I'm wondering though, if it might be better to move the file retrieval pages/code to a new web site that has both IWA and anonymous - if the request is authenticated (IWA) write the current user, and if it's anonymous write the word Anonymous.
Thanks