External/Internal Users

[Smellyfrog]

Hi,

I have managed to have mod_auth_kerb to work on my development machine.
All is good. What I need though is to automatically authenticate the
users that can be (IE users from our own domain) and then log them in
but NOT to block the others. Instead if the other users (External
users) can not be authenticated I want to present them with our already
existing login JSP page. All our users are connecting to our server
through the Internet, not the WAN.

Does anyone have any idea on how to implement this?
Our first idea was to switch people between two apache servers (One
with Kerberos, the other without it) according to their IP. But it
seems to be a nightmare for our admins, expecially since we already
have 2 webservers and tomcat servers with load balancing.

Tell me if I'm wrong, but I don't think there is a way to configure
mod_auth_kerb to let people who could not authenticate go through.

Any suggestion is welcome.

Thanks
Yannick