| Justin Dutoit 2003-08-25, 12:25 am |
| This is a MeasureUp question on authentication-
"A company is extending their web site to accommodate a new ASP.NET
application for their customers.
They are a worldwide company with expected application use in the millions.
They have decided to use a high performance SQL server to maintain user
names and passwords.
Which of the following configurations should they deploy?"
Correct answer:
Configure IIS for Anonymous authentication and in the web.config file
<system.web>
<authentication mode="none" />
</system.web>
I chose the answer with <authentication mode="Forms" /> (otherwise the
same), mainly because of the mention of passwords stored in SQL server.
Excerpt of MeasureUp's explanation:
"When a SQL server database is used to store usernames and passwords in the
ASP.NET application, which is recommended in high volume applications, the
ASP.NET authentication mode is set to "none" as it will not be using the
services of Active Directory, Microsoft passport Services, or Forms to
provide the user names and passwords. The IIS setting is set to Anonymous in
order to work with this ASP.NET configuration. When IIS is configured to use
this anonymous access, it does not rely on user accounts and does not prompt
the user for a log on. Forms authentication obtains user names and passwords
from the Web Forms page."
Could someone direct me here, this is confusing ...
Tks
Justin D
|