Monday, January 12, 2009

Windows Authentication


Windows authentication is a means of authenticating users of web applications that run on an intranet with their ntlogin.
The role placed by IIS in windows authentication differs from Forms authentication,.
In Forms authentication we need to set anonymous authentication where as in windows authentication IIS is configured to block windows authentication.After set the security levels in IIS
-Web.config file need to be set up with Authentication mode set to “Windows”
  <authentication mode="Windows" />


Set the <identity> element to

impersonate:

  <identity impersonate="true" userName="" password="" />


If you want all requests to use a different account than IIS used for authentication, the userName and password attributes of the <identity> element can be set to the desired username and password.

  • Configure the <authorization> element to

    deny access to all users:

      <authorization>

          <deny users="*" /> <!-- Deny all users -->



    </authorization>



    Add location element if you need to restrict access only to certain pages
    • Posted by Harika at 4:32 AM

    2 comments:

    1. Asif SJanuary 15, 2009 at 1:25 AM

      Mam your blog is really useful

      ReplyDelete
    2. AnonymousJanuary 16, 2009 at 1:20 AM

      Thanks Asif,I will add more concepts..keep posting if you have any queries, any time

      ReplyDelete

    Subscribe to: Post Comments (Atom)