I have a web application that allows anonymous access and windows authentication.

Basically, the app try to auto-login users by windows authentication if the windows user is in a user list in the application, otherwise it shows the login screen. If no credential is provided, the app then shows a login screen where the user could login using a application internal user.