authentication - what is being used

Stephanie Stowe

I am new to ASP.NET, having come from an ASP classic background. I need to
understand authentication. I have a server running IIS which contains an
ASP.NET app. On IIS the app has both anonymous and Windows Integrated
Authentication enabled. In the ASP.NET app, the web.config file contains

<authentication mode="Windows" />

The help on this element says of this setting

Specifies Windows authentication as the default authentication mode. Use
this mode when using any form of Microsoft Internet Information Services
(IIS) authentication: Basic, Digest, Integrated Windows authentication
(NTLM/Kerberos), or certificates.

A user running IE6 (which is all of our users) also has User Authentication
settings in IE from which one might choose Anonymous, Automatic logon only
in Intranet zone, Automatic logon with current user name and password and
Prompt for user name and password.

I am trying to determine which set of credentials is being used when a
customer logs into the site. The only thing I do not know (and cannot know
until 11:30 or so when the west coast shows up) is exactly what the IE
authentication settings are. The site is in the IntERnet zone. And I *think*
that they have Automatic logon only in Intranet zone.

My question is, with all these settings in different places, how is the
actual set of credentials determined?

Thanks!
 
Teemu Keiski

It's the set of credentials that the IIS has access to (the ones the web
server knows about). So if client and server share same server (e.g. domain
etc.), then they could have common user dbs in the same domain or trusted
zone, then user's logon details on his/her desktop could be recognized at the
web application (and no extra logon would be required).

Here is more information about Windows Authentication in this guide:

(Building Secure ASP.NET Applications: Authentication, Authorization, and
Secure Communication)
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/secnetlpmsdn.asp
 
bruce barker

when IIS responds with an authentication required response, it sends a list
(based on how you configured the website) of all authentication protocols it
will accept, in order of preference. the browser is free to pick any it
likes.

typically IE, if nt c/r is available and the host is trusted the browser
will send the user's current logon credentials.

-- bruce (sqlwork.com)
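
The exchange discussed in this thread, written out as a simplified model. This is an added example, not part of any post above; the function names, setting labels and return strings are constructed for illustration, and it assumes the browser's first request carries no credentials.

```python
# Added example: simplified model of how the credentials for a request are chosen.
# Names and return strings are constructed for illustration.

INTEGRATED = ("Negotiate", "NTLM")  # challenges IIS sends for Integrated Windows auth


def iis_first_response(anonymous_enabled, anonymous_permitted, schemes):
    """Model IIS's answer to the first, credential-less request.

    anonymous_permitted: whether the resource allows the anonymous account
    (for example via file ACLs or URL authorization rules).
    Returns (status, list of WWW-Authenticate schemes).
    """
    if anonymous_enabled and anonymous_permitted:
        return 200, []            # served as the anonymous account, no challenge
    return 401, list(schemes)     # browser must choose one of the offered schemes


def ie_reaction(challenges, zone, logon_setting):
    """Model what IE does with a 401, per the zone's User Authentication setting."""
    if not any(c in INTEGRATED for c in challenges):
        return "prompt"           # e.g. Basic: the user has to type credentials
    if logon_setting == "anonymous":
        return "none"             # no HTTP authentication is attempted
    if logon_setting == "auto_current":
        return "current_logon"    # desktop logon sent silently
    if logon_setting == "auto_intranet" and zone == "Intranet":
        return "current_logon"
    return "prompt"               # "prompt", or auto_intranet outside the Intranet zone


def credentials_used(anonymous_enabled, anonymous_permitted, schemes, zone, logon_setting):
    """Combine both sides: which identity ends up on the request."""
    status, challenges = iis_first_response(anonymous_enabled, anonymous_permitted, schemes)
    if status == 200:
        return "anonymous"
    return ie_reaction(challenges, zone, logon_setting)


if __name__ == "__main__":
    # The setup described in the question: anonymous + Integrated enabled on IIS,
    # site in the Internet zone, IE set to "Automatic logon only in Intranet zone".
    for permitted in (True, False):
        print(permitted, credentials_used(True, permitted, INTEGRATED, "Internet", "auto_intranet"))
```

With both anonymous and Integrated enabled, the model returns `anonymous` unless the resource refuses the anonymous account, in which case an Internet-zone client with the intranet-only setting is prompted.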