
iis security : website authentication question


orangenick2002 NO[at]SPAM yahoo.co.uk
11/23/2005 5:58:20 AM
Hi, I work for a consultancy that offers free hosting to an NPO.
They have requested that a part of the website be available only to
certain users (around 2000). I'm not sure how to do this as I've never
made a website with authentication other than internal websites with
authentication based on Active Directory.

At first I thought I could manage these users with AD, however AD only
allows me to create access accounts that exist within my domain. I
thought perhaps I should use IAS on Server 2003 to provide RADIUS
authentication, but I have never used this technology and was hoping
someone could tell me if this is the right direction to go.

The users should authenticate with any username@domain.com they want.
I believe the client then wants (in the long term) to point specific
content at each user so they will need to be able to retrieve the login
name from ASP once authenticated.

Thanks!

nick brandwood
orangenick2002 NO[at]SPAM yahoo.co.uk
11/23/2005 6:22:27 AM
Sorry, to add that I am now very confused as to whether I should use
ISA or IAS?

http://www.isaserver.org/tutorials/ISA2004-RADIUS-Authentication-Web-Publishing-Rules-Part2.html
orangenick2002 NO[at]SPAM yahoo.co.uk
11/23/2005 6:51:42 AM
Hi tom,

The link given in your reply uses a SQL-Server database to store
user credentials. My aim was to use an existing authentication system
to avoid having to create pages for the maintenance of user credentials
as they are not paying for this service - and to learn something new.

Thanks for your prompt response,

nick
orangenick2002 NO[at]SPAM yahoo.co.uk
11/23/2005 7:02:46 AM
I don't think so.
I think they will be using normal ASP.

Thanks for the prompt response
Tom Kaminski [MVP]
11/23/2005 9:20:11 AM
Are they using ASP.NET? Forms Authentication would be good for this.
http://support.microsoft.com/kb/308157/EN-US/

--
Tom Kaminski IIS MVP
http://www.microsoft.com/windowsserver2003/community/centers/iis/
http://mvp.support.microsoft.com/
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS

Ratatooie
11/23/2005 10:39:24 AM

For $180 for one virtual web, (the price has gone up since I bought it, used
to be $100) you can buy an ISAPI filter that uses one domain account (easy
for you to manage) to piggyback on many many accounts from a flat database
file. With a little set up, you can give the NPO IT guys access to the file
to make updates without your participation.

The program I use is called "Dynamic Authentication Filter"

There may be cheaper ones out there... I stopped looking after I had the
funding for this one.

Ken Schaefer
12/1/2005 12:00:00 AM
If you want to "use an existing authentication system" - what Auth systems
do you have already?

You can use ADAM (AD Application Mode), AD, AzMan - a whole bunch of things,
but what do you have already that you wish to leverage?

Cheers
Ken

: Hi tom,
:
: The link given in your reply uses a SQL-Server database to store
: user credentials. My aim was to use an existing authentication system
: to avoid having to create pages for the maintenance of user credentials
: as they are not paying for this service - and to learn something new.
:
: Thanks for your prompt response,
:
: nick
: