Authentication

Authentication is the mechanism that allows determining the identity of who is making requests to your web application. Authentication is often combined with authorization, which is the process of determining whether access is granted or denied to the authenticated user. Generally, authentication requests require the entering of a username/password combination or other information, such as an access token.

Upon installation, IIS 8.0 allows you to determine which authentication methods will be installed on the server. The authentication options that can be installed are Basic, Windows Integrated, Digest, Client Certificate Mapping, and IIS Client Certificate Mapping. Again, all these options are installed by modules and handlers, allowing you to select which modules are used by the application. If no authentication will be needed on the server, the default Anonymous authentication is always loaded and allows the site to be used without clients having to sign on to the site.

Note

Chapter 14 goes into greater detail about authentication methods and setup.

Get Professional Microsoft IIS 8 now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Professional Microsoft IIS 8 by Kenneth Schaefer, Jeff Cochran, Scott Forsyth, Dennis Glendenning, Benjamin Perkins

Authentication

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly