Forms Authentication Using Active Directory / LDAP

First off--thanks for having a look.

MY QUESTION

In a .NET web app, is using Windows Authentication for a extra-net on a WAN consisting of various users, companies, user-agents, etc a bad idea?

---

BACKGROUND

I am lead dev on a fast track (very fast) web application for an extra-net that will allow the client's vendors, suppliers, partners, etc to log on and push and pull certain assets such as image files, videos, flash files, etc.

---

PLATFORM/TECHNOLOGY

Asp.Net 4.0, C#, MVC3

---

PROBLEM (Maybe)

The client's IT department has requested that the app use Windows Authentication to authenticate users. One of the reasons for this (they say) is that the assets that will be pushed/pulled by users reside on a third-party server (Signiant) which already uses credentials form their active directory to authenticate users.

---

MY VIEW

Windows Authentication is going to cause a bunch of headaches. Viewed as a stack, this app will sit on top of the third-party server. So if we use Forms authentication, we can just populate a data table with windows credentials for each user and pass those to Signiant's servers with our requests (you have to do this anyway). If possible, we can even make an LDAP call for the creds on the fly and then pass those to Signiant's servers.

It just seems to me that simple functionality such as "lost password" would be come extremely difficult if we are doing the Windows Auth thing. But, full disclosure, I have never built an Asp.Net app using Windows Authentication so what do I know??

Thanks!

Matt

---

UPDATE 8/12/11

I still don't have an answer as to whether you should do this, but the client is adamant that it must be this way. The app is supposed to be turned over in a month so I will come back and let any follower开发者_运维技巧s of this topic know my findings.

---

ASP.NET has built in support for doing AD Authentication using Forms Authentication, including password recovery.

See: http://msdn.microsoft.com/en-us/library/ff650308.aspx