开发者

IIS 7 - Authentication in IIS vs Authentication in web.config

I'm relatively new to using IIS 7. I'm getting confused by the various options that IIS 7 provides.

What does setting authentication mode="Windows" do in the web.config of my ASP.net site do? What does enabling Windows authentication in the Authentication module in IIS 7 do?

What is the difference between these two? Does one override the other? Does this change whether yo开发者_StackOverflow社区u run in integrated vs classic mode?


IIS7 leverages web.config files. There is tight integration in IIS7 and ASP.NET any changes made in the web.config are reflected in the management console and changes in the management console write changes into the web.config.

As far as windows authentication it uses the servers local Windows users as its user store. This is typically more useful for an intranet application that has tight security requirements and existing active directory user base.

Most internet facing applications should use Forms authentication or a custom authentication provider. You user store can be in the web.config but most applications would keep their userstore in a database

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜