Recently I read an EPiServer forum post about securing EPiServer edit and admin mode. If I understood the post correctly then there is a public facing EPiServer site, using the standard SQL providers. The requirement was to prevent access to edit and admin mode to all but a restricted set of IP addresses.
Following on from Ben Morris' blog about Converting EPiServer 6 to use claims-based authentication with WIF I was intrigued to see if it was possible to create a role and membership provider that allowed us to use WIF in EPiServer with little or no modification apart from configuration changes.
If you want to skip the long descriptions and prefer a list then simply skip to the list at the bottom of the page.
I was setting up windows authentication for an EPiServer site on my development machine. The requirement was simple: have a windows authenticated site, with no anonymous access and therefore no log in. It was a fairly new build and I'd not used the windows membership and role providers before on this particular machine. There turned out to be quite a few steps in the end so I thought I'd write about them here. All steps are designed for Windows 7 / IIS7.x but can easily be replicated on previous versions of Windows.