How To Implement Windows Authentication In IIS and IIS Express




Windows Authentication is mainly used in Intranet Environment. We can enable Windows Authentication in IIS and IIS Express level. Windows Authentication is secure because the user name and password are hashed before sending across the network. There may be two types of protocols in Windows Authentication. Kerbose and NTLM. After windows authentication installation, the default protocol will be Kerbose.



On Run type inetmgr to open IIS.
On IIS select your website.
On Feature View, Click on the Authentication Icon.
That will leads to Authentication tab.
Right Click on the Windows Authentication and click the Enable Link as shown in the figure.

How To Implement Windows Authentication In IIS and IIS Express, Implement Windows Authentication In IIS, Windows Authentication In IIS, Windows Authentication In IIS Express, Windows Authentication

All other Authentication like Anonymous, Basic, Digest and Forms Authentication
needs to be disabled.
Now click on your website and browse it again.
One Windows Security window will pop up where you can type your user name and password.

How To Implement Windows Authentication In IIS and IIS Express, Implement Windows Authentication In IIS, Windows Authentication In IIS, Windows Authentication In IIS Express, Windows Authentication

If you Cancel this, you will get the following Error.

How To Implement Windows Authentication In IIS and IIS Express, Implement Windows Authentication In IIS, Windows Authentication In IIS, Windows Authentication In IIS Express, Windows Authentication

If you specify correct username and password, you can access the website.
By this way we can Implement Windows Authentication In IIS.




Open the file C:\Users\xxxxxx
\Documents\IISExpress\config \applicationhost.xml
on Notepad.
Search for node <authentication>.
Inside <authentication> node, navigate to subnode <windowsAuthentication>.
Set enable as true inside <windowsAuthentication>.
For all other sub nodes like <anonymousAuthentication>, <basicAuthentication>,
<digestAuthentication> etc... set enable as false.
By this way we can Implement Windows Authentication In IISExpress.