Enabling Windows Authentication

When you select the Windows Authentication mode, the AuthFilter will look up the access rights for the user in Active Directory. When a user logs in to a site running in this mode, the AuthFilter retrieves the user name and password from the Hypertext Transfer Protocol (HTTP) request and stores it in a cache. It also sets a cookie that is valid only for the duration of the user session. The cookie can then be checked by other pages the user visits during the session. In Windows Authentication mode, Active Control List (ACL) determines access to any resource on the Web site.

Windows Authentication supports a Web farm scenario with a single login, and it supports using proxy accounts. For more information about single login, see Cookies and Authentication.

Ee811577.note(en-US,CS.10).gif Note

To enable the Windows Authentication mode

  1. Expand Commerce Server Manager, expand Commerce Sites, and then click the site you want to administer.

  2. Expand Applications, right-click the name of the application that you want to work with, and then click Properties.

  3. In the Properties dialog box, in the General tab, in the Authentication filter box, select Windows Authentication, and then click OK.

AuthFilter will pass the credentials to Internet Information Services (IIS) 5.0, and IIS validates the user login and password against an Active Directory data store.

Ee811577.note(en-US,CS.10).gif Note

  • After you change a property value in Commerce Server Manager, you must unload the application from memory on each Web server in order for the change to take effect. For instructions, see Unloading an Application from Memory.

See Also

Working with Site Security and Filters

Enabling Custom Authentication

Enabling Autocookie Generation

Enabling Cookie Sharing Across Domains/Applications

Site Security Objects

AuthManager Object

All rights reserved.