WMS Digest Authentication

Applies To: Windows Server 2008, Windows Server 2008 R2

If you want users that connect to your server from the Internet to be able to access content after they provide their user names and passwords, you can enable the WMS Digest Authentication plug-in. This plug-in uses a challenge/response HTTP authentication scheme that does not require a password to be sent over a network. Instead, the plug-in uses a hashed version of a password to authenticate the user. This method is considered to be more secure than basic authentication but not as secure as the NTLM, Kerberos, or other private-key authentication schemes.

The WMS Digest Authentication plug-in is appropriate for situations in which your audience is connecting from an outside network, such as the Internet, and you want to be able to provide minimal user authentication.

This plug-in uses realm identification to authenticate users against Microsoft Active Directory domains. A realm is a logical grouping of resources used to authenticate users and groups. User name and password pairs are associated with realms to allow the same authorization information to be used for multiple resources.

To use the WMS Digest Authentication plug-in, Windows Media Services must be part of a Microsoft Active Directory domain. The domain controller for the Active Directory domain must be a computer running either Windows ServerĀ 2003 or Windows ServerĀ 2008.

Note

Digest authentication is supported by Windows Media Player 9 Series or later. Users that try to connect using a previous version of the Player are not authenticated and receive an access denied message.