Monday, October 30, 2006

ASP.NET and IIS security

d Windows authentication is used together with IIS authentication. When IIS authentication is complete, ASP.NET uses the authenticated identitiy to authorize access.

d In a Windows-based authentication model, the requests go directly to IIS to provide the authentication process. IIS first takes the user's credentials from the domain login. If this process fails, IIS desplays a pop-up dialog box so the user can enter his login information.

d Windows authenticaton is quite uesful in an intranet environment where you can let the server deal completely with the authentication process, especially in environments where users are already logged onto a network.

Posted by Dillone Hailei Wang 王海磊 at 10/30/2006 04:08:00 PM

Labels: , ,