[RESOLVED] VS2010 What type of security should I use?

[davieeeee]

Hi,

I was hoping someone could point me in the right direction as to what security technology I should use to meet my requirements.

I need the following:

- An ASP.Net Intranet site running on IIS7.
- All users will be using Internet Explorer.
- There is only one domain which is authenticated using Active Directory.
- In Active Directory, the users are split up into Security Groups.
- The user should be able to type in the URL, then see the website without any authentication. Their Security Group should have been passed through automatically by their windows logon. I would then like to control their webpage navigation menu access by their Security Group.
- I need to somehow be able to log in as an alternate Active Directory user on the same computer if required.
- The user logon details need to be able to be passed through to SQL connections.

My questions are what technologies should I pursue to achieve all this?
I've seen terms such as Windows Authentication, Kerboros, Impersonation etc which I am not sure is relevant or not.

- Is Windows Authentication what I am after?
- Does IIS somehow automatically pass in the users authentication information to SQL if I select Windows Authentication in the connection string?

Any suggetions are appriciated.