IIS 6: The Complete Reference

Overview

Authentication is an important feature of any secure web site. Every time a client browses to a web site, it needs to be authenticated before it can access the resources it is requesting. By default, that authentication all takes place on the server, and the client isn’t even involved. Some authentication settings can make for easy access to a web site, but sometimes you want to limit who sees what information on your site. This is where more restrictive types of authentication come in.

In this chapter, each of the following major types of IIS authentication is covered:

• Anonymous authentication

• Basic authentication

• Digest and Advanced Digest authentication

• Integrated Windows authentication

• .NET Passport authentication

  Note

  Certificates can also be used for authentication. They’re covered in detail in Chapters 2 and 10.