Recommended practice to request security info for a Web client

.NETters,

In our application, we need to download some data files over the Web. The
website to access and the security information must be specified by the end
user.

I would like to make the security dialog box as intuitive as possible. I
would appreciate it if you could answer one or more of the following
questions.

Authentication:
--------------

1. Must we always set HttpWebRequest.PreAuthenticate to true or should we
ask the user? Or, can we just leave it to its default value (false)?

2. There are many authentication types that are available - Integrated
Authentication, Basic, Digest, etc. Can we get away by not asking the user
about the authentication type? I am thinking we just have two edit boxes for
username and password. If the username is left blank, we use Integrated
Authentication. If not, we just build the credential cache with all possible
values:

Cache.Add(uri, "Basic", new NetworkCredential(username, password))
Cache.Add(uri, "Digest", new NetworkCredential(username, password))

Do you see anything wrong with this logic?

3. Are there other authentication types besides Basic and Digest that can be
used with NetworkCredential?

SSL:
---

1. My understanding is that the WebRequest class internally can handle
http://blah or https://blah automatically. Is there a case where I need to
request the user for additional information?

General:
-------

1. Is there any standard UI that already deals with Web client security that
I can leverage?

Thank you in advance for your help.

Pradeep

===================================
This list is hosted by DevelopMentor®  http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com