I'm relatively new to using IIS 7. I'm getting confused by the various options that IIS 7 provides.
What does setting authentication mode="Windows" do in the web.config of my ASP.net site do? What does enabling Windows authentication in the Authentication module in IIS 7 do?
What is the difference between these two? Does one override the other? Does this change whether you run in integrated vs classic mode?
IIS7 leverages web.config files. There is tight integration in IIS7 and ASP.NET any changes made in the web.config are reflected in the management console and changes in the management console write changes into the web.config.
As far as windows authentication it uses the servers local Windows users as its user store. This is typically more useful for an intranet application that has tight security requirements and existing active directory user base.
Most internet facing applications should use Forms authentication or a custom authentication provider. You user store can be in the web.config but most applications would keep their userstore in a database
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With