IIS6.0 UI vs. IIS7.x UI Series: Authentication Methods Wrap!

This week in the blog series (Introduction to the series – here), let’s wrap up side by side UI comparison between IIS6.0 and IIS7.x authentication methods.

For side by side comparison on Authentication methods, we have covered Anonymous Authentication, Basic Authentication, Digest Authentication and Integrated Windows Authentication.

There are a couple of IIS6.0 Authentication methods that are not supported on IIS7.x:

- .Net Passport authentication was retired in W2K8. Passport support is not included in W2K8 and so .Net Passport authentication is not supported on IIS7.x

- IIS 6.0 Digest Authentication is not supported on W2K8, only Advanced Digest authentication is supported. Digest Authentication in IIS7.x  maps to Advanced Digest Authentication in IIS 6.0


In addition, IIS7.0 applications using ASP.Net Integrated mode use a unified (between IIS and ASP.NET) authentication model. When ASP.Net is installed, another authentication method is also available:

- Forms Authentication: Forms authentication uses client-side redirection to forward unauthenticated users to an HTML form where they can enter their credentials, which are usually a user name and password. After the credentials are validated, users are redirected to the page they originally requested. You can learn more about forms authentication at: http://learn.iis.net/page.aspx/244/how-to-take-advantage-of-the-iis7-integrated-pipeline/


As I wrap up Authentication methods, quick note about Client Certificate Authentication. This authentication methods adds SSL security through client and server certificates. It requires SSL to be configured for the site.  This feature surfaces under Secure Communications section in IIS6 UI and split in IIS7 UI between SSL Settings and Server Certificates. I will cover side by side comparison of these sections in a separate blog.


Next blog in the series: Default Document

As always, please drop a comment if there are any specific UI modules/properties you would like to be compared next and also if you have any feedback on the level of detail.

1 Comment

  • Thanks for this post. For more info about setting up IIS7 security on your LAN visit my Blog: IIS7 Setup and Security http://meshfields.de/blog/?p=345

Comments have been disabled for this content.