I'm developing a simple Web Forms app which uses an external identity provider to log in users. The user is directed to the external provider's site, logs in there, and then that site redirects the user back to my site with a token identifying the user.
I'm developing using the IIS server that comes with Windows 7.
When I debug, up to the point I redirect to the external provider, I work on the localhost and everything is fine. But the external provider redirects the user to a public domain which points to the development machine, so I am now looking on a page on a public address rather than on localhost. At this point, IE pops the Windows Security dialog, asking for a user name and password.
I might add that VS is running as an administrator, otherwise the project won't load. I have also set <authentication mode="None"> in the web.confing.
Any thoughts on why I'm experiencing this behaviour? Why can't IE let me see the page without credentials?