Home
ASP.NET Forums » General ASP.NET » Security » IIS/client authentication

IIS/client authentication

Last post 09-18-2006 2:48 PM by Ivoryzion. 2 replies.

Sort Posts:

  • IIS/client authentication

    09-14-2006, 5:57 PM
    • Member
      25 point Member
    • Ivoryzion
    • Member since 04-20-2006, 3:06 PM
    • Posts 5
    Does IIS have to go through the entire NTLM/Kerberos authentication for each request from the same client? If not, how is state maintained between IIS and the client using the 2 aforementioned protocols?

  • Re: IIS/client authentication

    09-18-2006, 2:00 PM
    Answer
    • Star
      14,543 point Star
    • ScottGu
    • Member since 06-05-2002, 8:36 PM
    • Redmond, WA
    • Posts 2,004
    • AspNetTeam
      Moderator

    I believe there is some protocol authentication that Windows caches to avoid having to re-authenticate on each request.  In cases where there is a long delay in answering, or another machine is used, the challange/response can then be re-authenticated without the app knowing.

     Hope this helps,

    Scott

  • Re: IIS/client authentication

    09-18-2006, 2:48 PM
    • Member
      25 point Member
    • Ivoryzion
    • Member since 04-20-2006, 3:06 PM
    • Posts 5

    Thanks for responding Scott.  If you get a moment please see this post --> http://forums.iis.net/thread/1400634.aspx

     
Page 1 of 1 (3 items)
RSS Available

Contact | Advertise | Ads by BanManPro | Running IIS7
All Rights Reserved. | Terms of Use | Trademarks | Privacy Statement
© 2009 Microsoft Corporation.