 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Windows Server Forum / IIS / IIS Security / October 2008Logon details
Hi All Is there a way that a user can logon to a webserver by just giving their username and not Domian\username or username@domain We have a Web Server on IIS when users are prompted for their passwords we would like them just to enter thier username and password would this be possible in IIS wayne > Hi All > [quoted text clipped - 6 lines] > > wayne It is all possible on IIS. The question is what authentication protocol and identity provider you want to use. If you plan to use the ones built into Windows, then you will have to use Domain\username or username@domain.com (assuming your UPN Domain name = Domain name). That is the only secure approach. Basic Authentication protocol is insecure and allows the Web Server to prepend "Domain" when performing logons, thus allows you to provide just username -- but only within one domain -- if you have >1 domain, this approach won't work. All other secured authentication protocols require username and domain. Custom Authentication Protocols in the form of 3rd party Addons can allow just username, but you'll have to purchase/find them yourself. My personal opinion is that users get used to username@domain because that's how most popular and secure authentication protocols work. You do a dis-service by trying to simply to a plain username. //David http://w3-4u.blogspot.com http://blogs.msdn.com/David.Wang // |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.