Article ID: 323176 - View products that this article applies to.
This article was previously published under Q323176
This step-by-step article describes how to implement Windows authentication and authorization in an ASP.NET application.
To use the built in security of Windows and ASP.NET, implement Windows authentication and authorization on groups and users. To use Windows authentication, you must adjust settings in both Microsoft Internet Information Services (IIS) and the ASP.NET application Web.config file.
Authentication and authorizationWindows authentication and Windows authorization are two terms that are frequently interchanged. However, they do not have the same meaning. Windows authentication permits the recipient to determine the user's identity. Windows authorization determines the resources to which a user may gain access.
Configure Web application for Windows authenticationTo configure your Web application for Windows authentication, follow these steps:
Configure the ASP.NET applicationAfter you configure the IIS Web site for Integrated Windows Authentication, you must configure the ASP.NET application to recognize authenticated users. To do this, you must change the Web.config file. In the Web.config file, locate the <authentication> tag, and then set the mode attribute to Windows, as in the following example:
Test authenticationTo test your Windows authentication setting, follow these steps:
Restrict accessIn ASP.NET, you set authorization to the application by adding settings in the Web.config file. You can specify which users or groups are permitted to have access to what resources as follows:
For more information about an ASP.NET security and configuration overview, click the following article numbers to view the articles in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/306590/ )ASP.NET security overview
307626For more information about authentication and authorization elements, visit the following Microsoft Web sites:
(http://support.microsoft.com/kb/307626/ )ASP.NET configuration overview