Module 4: Internet Information Services Authentication

This module provides students with information about the Web client authentication methods that are supported by Internet Information Services (IIS) and Microsoft® Windows® 2000 Server. Initial Web client authentication and the flow of user identities through the Web application are the focus of this module. After completing this module, students will be able to select the best IIS authentication method for a given set of requirements.
Nội dung trích xuất từ tài liệu:
Module 4: Internet Information Services Authentication Module 4: Internet Information Services Authentication Contents Overview 1 Lesson: Introduction to Web Client Authentication 3 Lesson: Configuring Access Permissions for a Web Server 16 Lesson: Selecting a Secure Client Authentication Method 25 Lesson: Running Services As an Authenticated User 45 Review 54 Lab 4: Authentication and Access Control 56 Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property..  2002 Microsoft Corporation. All rights reserved. Microsoft, MS-DOS, Windows, Windows NT, ActiveX, Active Directory, Authenticode, Hotmail, JScript, Microsoft Press, MSDN, PowerPoint, Visual Basic, Visual C++, Visual Studio, and Windows Media are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. Module 4: Internet Information Services Authentication iii Instructor Notes Presentation: This module provides students with information about the Web client 75 minutes authentication methods that are supported by Internet Information Services (IIS) and Microsoft® Windows® 2000 Server. Initial Web client authentication Lab: and the flow of user identities through the Web application are the focus of this 30 minutes module. After completing this module, students will be able to select the best IIS authentication method for a given set of requirements. After completing this module, students will be able to: ! Explain how Web client authentication is used to pass user identity through a Web application. ! Use Information Protocol (IP) address and domain name restrictions, and IIS Web-based permissions, to effectively control who can access the resources on a Web server. ! List and explain all of the authentication methods that are supported by IIS and select the best method for a given set of requirements. ! Explain how the identity of an authenticated Web client is mapped to a Windows 2000 user identity and passed to Web applications and COM+ components. Required materials To teach this module, you need the following materials: ! Microsoft PowerPoint® file 2300A_04.ppt ! Hypertext Markup Language (HTML) and Flash animation files: 2300A_04_A05_1570.htm, 2300A_04_A05_1570.swf Preparation tasks To prepare for this module: ! Read all of the materials for this module. ! Complete the demonstrations and lab. ! Read Module 5, “Implementing Security on a Web Server,” in Course 2295, Implementing and Supporting Microsoft Internet Information Services 5.0. ! Read Module 12, “Configuring a Web Server,” in Course 2153, Implementing a Microsoft Windows 2000 Network Infrastructure. ! Read the article “Principal and Identity Objects” in the Microsoft .NET Framework documentation. ! For background information on COM+ and role-based security, see Course 2557, Building COM+ Applications Using Microsoft .NET Enterprise Services. ! Read the Microsoft MSDN® Magazine article, “An Introductory Guide to Building and Deploying More Secure Sites with ASP.NET and IIS,” which is available at http://msdn.microsoft.com/msdnmag/issues/02/04/ ASPSec/ASPSec.asp. iv Module 4: Internet Information Services Authentication ! Read the MSDN Magazine article, “Web Security: Part 2: Introducing the Web Application Manager, Client Authentication Options, and Process Isolation,” which is available at http://msdn.microsoft.com/msdnmag/ issues/0700/websecure2/websecure2.asp. ...