Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

how is windows authentication implemented over an IIS server

user-image
Question added by Anees Mohammed Niamathullah , .NET Technical Lead , Cognizant Technology Solutions
Date Posted: 2013/06/05
Najmal Karuthedath
by Najmal Karuthedath , Dot Net Developer , Dicetek

If you select windows authentication for your application, you also have to configure authentication within IIS.
This is because IIS provides Windows authentication.
IIS gives you a choice for four different authentication methods: Anonymous,basic,digest and windows you select anonymous authentication, IIS doesn’t perform any authentication, Any one is allowed to access the you select basic authentication, users must provide a windows username and password to connect.
How ever this information is sent over the network in clear text, which makes basic authentication very much insecure over the internet.
If you select digest authentication, users must still provide a windows user name and password to connect.
However the password is hashed before it is sent across the network.
Digest authentication requires that all users be running Internet Explorer5 or later and that windows accounts to stored in active directory.

More Questions Like This