OmniSecu.com Logo  
omnisecu.com free mcse ccna rhce linux java learning
omnisecu.com free mcse ccna rhce linux java learning
          Sharefacebook twitter google+ google bookmark yahoo bookmark delicious digg linkedin pinterest reddit stumbleupon evernote diigo blinklist blogmarks livejournal email feed

Tutorials

Authentication Options in Internet Information Services (IIS) 7

External Resources

Anonymous Authentication: In Anonymous Authentication the end user does not supply credentials and the user can use the service anonymously. IIS 7.0 uses fixed user account (USER_<computer_name>) to process the request

Basic Authentication: In Basic Authentication the end-user is prompted to supply credentials, which are then transmitted unencrypted across the network.

Digest Authentication: In Digest Authentication the user’s password is not passed in clear text across the network. Digest authentication hashes the user’s password using MD5 and sent across the network. Windows is unable to store MD5 hashes of passwords for local accounts, thus Digest authentication is only available for Active Directory accounts.

Integrated Windows Authentication: Integrated Windows Authentication uses two separate authentication mechanisms NTLM v2 and Kerberos. The password is never sent as clear text across the network. NTLM authentication uses a hashed version of the user’s password and Kerberos uses shared secrets between the client, Active Directory domain controller, and the IIS server to authenticate the user. Kerberos authentication is only available for Active Directory accounts, whereas NTLM can be used for local account.

Client Certificate Authentication: In Client Certificate Authentication the client presents a certificate to the server. The server is configured to map certificates to one or more Windows user accounts. SSL/TLS must be enabled for this authentication.

Forms-Based Authentication: Forms-based authentication (FBA) authenticates a user using an.HTML form. After authenticating via the.HTML form, an authentication cookie is set by the server. The client must return this cookie with each subsequent request in order for the request to be authenticated.

              Jajish Thomason Google+
Related Topics

No Related Topics Available

comments powered by Disqus


eXTReMe Tracker DMCA.com