Configuring User Authentication

Applies To: Windows Server 2003, Windows Server 2003 with SP1

Authenticating users early in the connection process reduces the amount of information that can be gained about your IIS 6.0 solution through anonymous access. In highly secure Web sites and applications, you need to require authentication before the user can access any of the information. For other Web sites and applications, you might require authentication only when the user is going to access portions of the Web site or application that contain confidential information.

Figure 3.5 illustrates the process for configuring user authentication.

Figure 3.5   Configuring User Authentication

Art Image

Based on the types of services provided by the Web server, you might need to provide user authentication for Web sites or File Transfer Protocol (FTP) sites. Web sites and FTP sites support different methods for authenticating users.