Clarification for mixed authentication scenario

I have a Servicestack application that I want to enable in intranet (windows authentication) and extranet environment (basic form authentication).
I enabled both Basic Authentication and Windows Authentication on IIS.
I’d like that the same user id is recognised in a custom repository (in my case Mongodb) with a unique record for both type of authentications with just the login without the domain name.
So that the user ‘intranetdomain/’ is the same record of ‘’ with a custom password for form authentication.
Previously for windows authentication I was using the CurrentPrincipal.Identity.Name and splitting the ‘\’ to get the login without the domain part.
I was thinking to create a new provider based on AspNetWindowsAuthProvider and modify how the current user name is returned but how to combine it with basic credential authentication?
Plus in my existing user collection I have the Id that is a string but in UserAuth it is an int.
I tried to fallow the docs but things are still not clear to me.
So what is the correct path for my scenario?

  • Use the existing AspNetWindowsAuthProvider and CredentialsAuthProvider, and MongoDbAuthRepository
  • Create a new CursomAuthProvider that combines both windows and form
    authentication and create also a derived MongoDbAuthRepository repository that uses strings for id

No record is stored in the UserAuth tables when using Windows Authentication, all details about the user come from Active Directory. You can control what UserName the session is populated with by using a Custom AspNetWindowsAuthProvider and changing what name is used in UserAuthName and which point you can use the UserName to fetch the Credentials User from UserAuth and populate it with the same UserAuth.Id.

Basically you would create the Basic/Credentials Auth users independently like you normally would, if the UserNames match up with their Active Directory login then they’re effectively the same user, i.e. sharing the same unique UserName and UserAuthId.