When I had the requirement to check the authentication type via code in SharePoint, I did some quick search with Google, and found two main ways talked on internet.
After played with both of them, I found using ServerVariables[HTTP_AUTHORIZATION] does not work well in my environment, while using HttpContext.Current.User.Identity.AuthenticationType is reliable.
See code and comments below:
//// check if it is Negotiate (Kerberos) – wrong way…
if (String.Compare(Context.Request.ServerVariables["HTTP_AUTHORIZATION"].Substring(10, 1), "Y", true) == 0)
// Note:
// The way to check ServerVariables["HTTP_AUTHORIZATION"] doesn't work as cache cookie may be applied.
// In which case, ServerVariables["HTTP_AUTHORIZATION"] won't be available.
// Use HttpContext.Current.User.Identity.AuthenticationType is reliable, return string "Negotiate" or "NTLM"
Figure: Bad example
//// check if it is Negotiate (Kerberos) – correct way...
var authType = HttpContext .Current.User.Identity.AuthenticationType;
if (authType.Equals("Negotiate" , StringComparison.OrdinalIgnoreCase))
{
// we are using Negotiate (Kerberos)
return true ;
}
else
{
// we are using NTLM
return false ;
}
Figure: Good example