Granting Access to Users Using Proxy Accounts

The information provided in this topic is for system administrators and site developers. This topic provides information about the requirements for using proxy accounts. Also provided is detailed information about how users are granted access to your site using proxy accounts, which a site developer needs to understand to customize their login page to implement this scenario.

The following are requirements for using proxy accounts:

• Configure your site to use Windows authentication mode.
• Enable AuthFilter for your site.
• Create a Windows user account (proxy account) in Active Directory for each role.
• Store individual user accounts in a database, such as SQL Server, used to authenticate the user.
• Client browsers must support cookies.

Important

• Because SQL Server passwords travel across the network as clear text, it is highly recommended that you use firewalls to implement a demilitarized zone (DMZ). For information about using a DMZ see Deploying a Secure Site.

Granting Access to a Site Using Windows Authentication with AuthFilter and Proxy Accounts

Users are authenticated similarly to sites using Windows Authentication with Authfilter, as shown in the Windows Authentication Mode topic. The difference, as illustrated below, is that the user accesses the site under the context of the proxy account.

The following diagram show how a user is granted access to a site using Windows Authentication with AuthFilter and proxy accounts.

Copyright © 2005 Microsoft Corporation.
All rights reserved.