Windows integrated security authentication (often referred to as Windows authentication) is the easiest security mechanism to implement. The basic vision is beautiful in its simplicity: if the user has already logged on to Windows, the browser can silently pass the user’s credentials to ASP.NET. Let’s look a little closer at how the mechanism works. First a user logs on to a Windows NT Domain with a user name and password. When the user tries to access a Web site that uses Windows authentication, the browser sends the user’s logon credentials in an encrypted format to IIS. IIS authenticates the user’s credentials and then passes the authenticated identity to ASP.NET. For the user this is very easy; the ...