UAG (Microsoft Forefront Unified Access Gateway) authentication for .NET website

Help!

I am absolutely clueless on this. I've been told that the web application I'm building (.net 4 / mvc3 / c# / sql server) will be "sitting behind UAG so we can silently authenticate". I've no idea now how to approach the authentication part of the build in my dev environment.

Should I just use "windows authentication"? Will that be the required setting when the application 开发者_开发知识库goes live? How do I test the authentication?

The people asking me to do this are currently just getting started with UAG too do so any help, pointers, explanations or suggestions will be very much appreciated.

To put the situation in context, this application will be accessible via the company network internally, and also via the web externally (via UAG portal, of course). The company is on Active Directory, and all I actually need to "pull through" to the application to get further people entity data is the AD username.

Thanks in advance.. :)

Which authentication method you use depends completely on your application. I wouldn't worry too much about the UAG, as the idea should be that an existing web application can sit behind this product, rather than we have to customise our web application to sit behind this product. UAG should do the authentication/credential creation heavy lifting.

So in that regard, what is your user model? Do you want people to have to log on, or should their Windows credential be sufficient? Do we want Forms Authentication or Windows?

As an aside, we used the product when it was IAG, and it wasn't the greatest. If there was one thing it definitely did NOT enable was silent authentication. We had more problems with it than the problems it was trying to solve!