Updated: August 22, 2005
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1
You can require users to provide a valid Microsoft® Windows® user account name and password before they access any information on your server. This identification process is called authentication. Authentication, like many of the features in IIS, can be set at the Web site, directory, or file level. IIS provides the following authentication methods to control access to the content on your server.
Anonymous Authentication in IIS 6.0: Gives users access to the public areas of your Web site without prompting them for a user name or password.
Basic Authentication in IIS 6.0: Requires a previously assigned Windows account user name and password, also known as credentials.
Digest Authentication in IIS 6.0: Offers the same functionality as Basic authentication, while providing enhanced security in the way that a user's credentials are sent across the network.
Advanced Digest Authentication in IIS 6.0: Collects user credentials and stores them on the domain controller as an MD5 hash, or message digest.
Integrated Windows Authentication in IIS 6.0: Collects information through a secure form of authentication where the user name and password are hashed before being sent across the network.