IIS: Switching Back to Normal after SSL-Secured Basic Authentication

[rkjones]

Hi,

I'm using IIS 6.0 and I'd like to be able to use "Basic Authentication" over SSL in order to accomodate older Macintosh clients incapable of the "Windows Integrated" authentication.

Here's what I'd like to see happen:

1. User connects over normal HTTP.
2. User is routed via script to use SSL.
3. While user is connected via SSL, basic authentication takes place.
4. Once user is authenticated, user is then redirected to another page on the same site, but does not use SSL for the connection.

If I leave Basic Authentication on for the whole site, the user obviously gets a password box before entering the site. If I redirect from the first page to a second page and require SSL and Basic Authentication only on the second page (with Allow Anonymous Access unchecked), then the authentication happens in an SSL session. But, when I redirect them to a third page that also requires Basic Authentication but does NOT use an SSL connection, the credentials from the second SSL-connected page do not pass to the third non-SSL-connected page, and the user is prompted to login again.

Any ideas how to do this?

Thanks.