Re: secure site - multiple users w/ 1 user account?

From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 06/10/05 

Date: Fri, 10 Jun 2005 06:33:41 -0700

Yes, what I described should work.

Enable authentication everywhere (so the secured content requires
authentication).

Enable anonymous authentication on the less secure content itself (either on
a per-file or per-vdir basis, depending on what suites your needs). This
allows ANYONE to access this content, unauthenticated. Thus, the "100 new
users" will just access it by default, as will your existing users --
everyone can access this content as your defined anonymous user account in
IIS (default is IUSR_MachineName). 

-- 
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//
<b_russ@yahoo.com> wrote in message
news:1118018372.565438.124930@g44g2000cwa.googlegroups.com...
Hi David, Actually I'm not sure if it is digest authentication. It
uses a SSL certification. The server is outside the company firewall.
People from other companies can access it. Up to this point, a new user
account / PW is created for each user (it does Not use the company AD
list)
I'd like for the 100 new users to access ONLY the less secure content
in the New folder.
Regarding anonymous access: If I added the existing security groups
(users) to the New folder, would the current users then be able to
access the new Page with their existing credentials (if we enabled
anonymous access) - or do they need to use the anonymous UN/PW for the
New page?
I need to write instructions for the network admin who will actually do
the changes, does this sound correct:
1) In IIS, go to "New Folder" -> directory security -> edit ->
2) Enable Anonymous Access
3) Create the Username/PW as: (can I make the username anything?)
4) (Should I have 'allow IIS to control PW' checked?)
5) Add existing security groups 'Group A, B' to New Folder
6) Assign read & execute to user groups
Bryan

Relevant Pages

  • Forms authentication: need help urgently !!!
    ... to secure it using Forms authentication. ... and very new to "forms authentication" but I understand it's a pretty ... In this folder I have the loginpage, ... Upon sucessfull login the user should be ...
    (microsoft.public.dotnet.framework.aspnet)
  • HELP !!! forms authentication !
    ... to secure it using Forms authentication. ... and very new to "forms authentication" but I understand it's a pretty ... In this folder I have the loginpage, ... Upon sucessfull login the user should be ...
    (microsoft.public.dotnet.framework.aspnet)
  • It is an error to use a section registered as allowDefinition=MachineToApplication beyond applicatio
    ... When i configure the web.config to secure that folder, ... On my testing server it works fine, on the live server it doesnt. ... What's the point of having forms authentication when ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • application security Hierarchy
    ... I have a login page and a web.config. ... The authentication and authorization sections of the ... 'Security' being a folder within the project i.e.: ... >I'm trying to secure my application. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: PEAP-TLS vs EAP-TLS
    ... The documentation is correct in the order of being most secure though most ... confusing here is that EAP and EAP-TLS are not the same. ... does not allow authentication to be done in clear text. ... Take a look at "Securing Wireless LANs with Certificate Services" ...
    (microsoft.public.windows.server.security)