Configuring Authentication in IIS 7

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista

Authentication helps you confirm the identity of clients who request access to your sites and applications. IIS 7 supports Anonymous and Integrated Windows authentication by default.

IIS 7 supports both challenge-based and login redirection-based authentication methods. A challenge-based authentication method, for example, Integrated Windows authentication, requires a client to respond correctly to a server-initiated challenge. A login redirection-based authentication method, for example, Forms authentication, relies on redirection to a login page to determine the identity of the user. You cannot use both a challenge-based authentication method and a login redirection-based authentication method at the same time.

IIS 7 also supports client certificate authentication, which requires that Secure Sockets Layer (SSL) be configured for the site. For more information about client certificates, see Configuring Server Certificates in IIS 7.


For information about the levels at which you can perform these procedures, and the modules, handlers, and permissions that are required to perform these procedures, see Authentication Feature Requirements (IIS 7).


This task includes the following procedures:

Configure the Anonymous Authentication Identity (IIS 7)

Configure ASP.NET Impersonation Authentication (IIS 7)

Configure Basic Authentication (IIS 7)

Configure Client Certificate Mapping Authentication (IIS 7)

Configure Digest Authentication (IIS 7)

Configuring Forms Authentication (IIS 7)

Configure Windows Authentication (IIS 7)

Configure Extended Protection in IIS 7.5