I have developed a .net core 2.2 MVC application that allows both anonymous and Windows authenticated access. I don't want to ask users to log in to their windows account but do need to know if they're already logged in.
For example, I am currently authenticated in my browser. If I go to a controller method that is not decorated with the "[Authorize]" attribute, the HttpContext.User.Identity.IsAuthenticated is false. If I decorate that same controller method with the "[Authorize]" attribute, it does not prompt me to enter my credentials and my identity information is populated in the HttpContext.User.Identity property and the "IsAuthenticated" of that object property is true.
How can I get the HttpContext.User.Identity property populated with the windows user details IF they are authenticated but not trigger the login popup (by using ChallengeAsync or decorating my controller with an "[Authorize]" attribute) if they are not.
Please be kind - identity, authentication, authorization - this stuff is my kryptonite and I really don't understand why! :-) Thank you!