| |||||
| |||||
You configure authentication for Web sites based on Microsoft Windows SharePoint Services by configuring authentication methods in Internet Information Services (IIS). Windows SharePoint Services uses the authentication method you specify for a virtual server in IIS to control authentication for all top-level Web sites and subsites of that virtual server. Windows SharePoint Services works with the following authentication methods in IIS:
You can change authentication methods for virtual servers hosting Web sites based on Windows SharePoint Services, and you can change the authentication method used for the SharePoint Central Administration site. You can also enable Secure Sockets Layer (SSL) security in IIS to help protect your sites or the administration port for your server.
Each virtual server can use a different authentication method in Internet Information Services (IIS). You can even enable multiple authentication methods if you are using the same Web site content in more than one environment. For example, if you have a Web site that is primarily for internal use within your organization, you would most likely choose Integrated Windows authentication. If, however, your use of the site changes, and you must allow your organization's members to access the site externally through a firewall, you might also want to enable Basic authentication.
Note Basic authentication is less secure than Integrated Windows authentication. For this scenario, it is recommended that you use Basic authentication with SSL to help make your environment more secure.
When you change authentication methods in IIS, you do not need to change any settings in Windows SharePoint Services. For example, if you decide to use Integrated Windows authentication instead of Basic authentication, you make the change only in IIS.