Enabling Windows Authentication
When you select the Windows Authentication mode, the AuthFilter will look up the access rights for the user in Active Directory. When a user logs in to a site running in this mode, the AuthFilter retrieves the user name and password from the Hypertext Transfer Protocol (HTTP) request and stores it in a cache. It also sets a cookie that is valid only for the duration of the user session. The cookie can then be checked by other pages the user visits during the session. In Windows Authentication mode, Active Control List (ACL) determines access to any resource on the Web site.
Windows Authentication supports a Web farm scenario with a single login, and it supports using proxy accounts. For more information about single login, see Cookies and Authentication.
- The following instructions assume you have set the security mode on your domain controller to log on locally. If you have not yet done so, see Setting the Security Mode on the Domain Controller.
To enable the Windows Authentication mode
Expand Commerce Server Manager, expand Commerce Sites, and then click the site you want to administer.
Expand Applications, right-click the name of the application that you want to work with, and then click Properties.
In the Properties dialog box, in the General tab, in the Authentication filter box, select Windows Authentication, and then click OK.
AuthFilter will pass the credentials to Internet Information Services (IIS) 5.0, and IIS validates the user login and password against an Active Directory data store.
- After you change a property value in Commerce Server Manager, you must unload the application from memory on each Web server in order for the change to take effect. For instructions, see Unloading an Application from Memory.