1

We have a few intranet applications currently using Integrated Windows Authentication in IIS 6.0 that we are considering making available externally (employees would be able to log in from home on the internet). Just to be clear, this means that in the Directory Security dialog, the Integrated Windows Authentication box is checked and all other checkboxes are unchecked.

We want to keep the Active Directory tie-in for username and password, so I've been doing some research about which direction to move. After reading quite a bit about Windows authentication, some things still aren't clear to me.

Here are the questions I have:

  1. If I move the existing application as-is to a public site, will the integrated authentication still work from home?

  2. If it does work, is the password still secure? I was thinking the answer is yes, but I don't know exactly how this would work if I used Firefox on my Mac at home to log in, etc. Would SSL be recommended?

  3. Even if it does work, should we really be using integrated authentication on a public site? I can make this happen but it's extra code and we would lose the automatic sign-in for employees using the site at work.

1 Answer

3
  1. No. If I understand you correctly, the computers at home are not logged in to the domain. So Integrated authentication won't work. I think that in this scenario IIS falls back to basic authentication.
  2. No. If IIS falls back to basic authentication then it's not secure. You have to use SSL to make it secure.
  3. You can use basic authentication on the internet with SSL. And still use integrated authentication on the LAN. You won't lose the automatic sign-in.
1
  • Thanks for the answer. Do you know of any documentation that backs up number 1? Commented Oct 27, 2009 at 15:52
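
Added example, not part of the answer or comment above: a Python sketch of why point 2 says Basic authentication needs SSL. It audits one HTTP exchange from its `WWW-Authenticate` challenges and `Authorization` header; the header values, account name and password are constructed samples, and the function names are hypothetical.

```python
import base64

# Schemes advertised by IIS "Integrated Windows Authentication". Both are
# challenge-response, so the browser does not send the password itself.
INTEGRATED = {"negotiate", "ntlm"}

def offered_schemes(www_authenticate_values):
    """Return lower-cased scheme names from WWW-Authenticate header values."""
    return [v.strip().split(" ", 1)[0].lower()
            for v in www_authenticate_values if v.strip()]

def decode_basic(authorization_value):
    """Return (user, password) from an 'Authorization: Basic ...' value, else None."""
    scheme, _, token = authorization_value.strip().partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        raw = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):  # malformed token
        return None
    user, sep, password = raw.partition(":")
    return (user, password) if sep else None

def audit(www_authenticate_values, authorization_value, over_tls):
    """Summarise what one exchange exposes to anyone able to read the traffic."""
    schemes = offered_schemes(www_authenticate_values)
    creds = decode_basic(authorization_value) if authorization_value else None
    return {
        "integrated_offered": any(s in INTEGRATED for s in schemes),
        "basic_offered": "basic" in schemes,
        "password_sent": creds is not None,
        # Basic is an encoding, not encryption: without TLS the password
        # is readable in transit.
        "password_readable_in_transit": creds is not None and not over_tls,
    }

# Constructed sample: a site offering both Integrated and Basic, and a
# browser that answered with Basic over plain HTTP.
SAMPLE_CHALLENGES = ["Negotiate", "NTLM", 'Basic realm="intranet"']
SAMPLE_AUTH = "Basic " + base64.b64encode(b"CORP\\jdoe:Example-Passw0rd").decode()

if __name__ == "__main__":
    print(audit(SAMPLE_CHALLENGES, SAMPLE_AUTH, over_tls=False))
    print(audit(SAMPLE_CHALLENGES, SAMPLE_AUTH, over_tls=True))
```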
