Technology | Programming language or technology |
---|---|
ASP | Automation-compliant scripting languages like Microsoft Visual Basic Scripting Edition (VBScript), JScript?, or PerlScript |
ASP.NET | .NET-compliant languages like C# or Visual Basic .NET |
COM (ASP component) | COM and either C, Visual C++?, Visual Basic?, or Java |
ISAPI | C or Visual C++ |
CGI | Perl, C, Visual C++, or Visual Basic |
Section | Description |
---|---|
Describes and compares the features of IIS Web application development. This section is meant to help designers decide if they want to use IIS, and decide what features to use in their Web applications. | |
Describes procedures and code examples for different types of Web applications. | |
Describes the objects, interfaces, structures, methods, functions, errors, and other programming elements that developers can use when creating Web applications for IIS servers. |
<windowsAuthentication>
element defines configuration settings for the Internet Information Services (IIS) 7 Windows authentication module. You can use Windows authentication when your IIS 7 server runs on a corporate network that is using Microsoft Active Directory service domain identities or other Windows accounts to identify users. Because of this, you can use Windows authentication whether or not your server is a member of an Active Directory domain.<providers>
element. When you install and enable Windows authentication on IIS 7, the default protocol is Kerberos. The <windowsAuthentication>
element can also contain a useKernelMode attribute that configures whether to use the kernel mode authentication feature that is new to Windows Server 2008.<extendedProtection>
element was introduced in IIS 7.5, which allows you to configure the settings for the new extended protection features that have been integrated into Windows authentication.Version | Notes |
---|---|
IIS 10.0 | The <windowsAuthentication> element was not modified in IIS 10.0. |
IIS 8.5 | The <windowsAuthentication> element was not modified in IIS 8.5. |
IIS 8.0 | The <windowsAuthentication> element was not modified in IIS 8.0. |
IIS 7.5 | The <extendedProtection> element was added in IIS 7.5. |
IIS 7.0 | The <windowsAuthentication> element was introduced in IIS 7.0. |
IIS 6.0 | The <windowsAuthentication> element replaces portions of the IIS 6.0 AuthType and AuthFlags metabase properties. |
<windowsAuthentication>
element is configurable at the site, application, or virtual directory level in the ApplicationHost.config file.Attribute | Description |
---|---|
authPersistNonNTLM | Optional Boolean attribute. Specifies whether IIS automatically reauthenticates every non-NTLM (for example, Kerberos) request, even those on the same connection. False enables multiple authentications for the same connections. Note: A setting of true means that the client will be authenticated only once on the same connection. IIS will cache a token or ticket on the server for a TCP session that stays established. The default is false . |
authPersistSingleRequest | Optional Boolean attribute. Setting this flag to true specifies that authentication persists only for a single request on a connection. IIS resets the authentication at the end of each request, and forces reauthentication on the next request of the session. The default value is false . |
enabled | Required Boolean attribute. Specifies whether Windows authentication is enabled. The default value is false . |
useKernelMode | Optional Boolean attribute. Specifies whether Windows authentication is done in kernel mode. True specifies that Windows authentication uses kernel mode. Kernel-mode authentication may improve authentication performance and prevent authentication problems with application pools that are configured to use a custom identity. As a best practice, do not disable this setting if you use Kerberos authentication and have a custom identity on the application pool. The default is true . |
Element | Description |
---|---|
extendedProtection | Optional element. Specifies extended protection options for Windows authentication. Note: This element was added in IIS 7.5. |
providers | Optional element. Specifies security support providers used for Windows authentication. |
<windowsAuthentication>
element is configured at the root ApplicationHost.config file in IIS 7.0, and disables Windows authentication by default. It also defines the two Windows authentication providers for IIS 7.0.apphost
when you use AppCmd.exe to configure these settings. This commits the configuration settings to the appropriate location section in the ApplicationHost.config file.