Security
Security |
|
Authentication is performed differently when this option is enabled because IIS 5.0 has to inform Windows that the password is correct. A subauthenticator can perform this task. Windows allows subauthenticators—implemented as subauthentication dynamic-link libraries (DLLs)—to be used in conjunction with the normal Windows authentication system.
A subauthentication DLL allows the authentication and validation criteria stored in the Windows user account database to be replaced. For instance, a particular server might supply a subauthentication DLL that validates a user’s password via a different algorithm, that uses a different granularity of logon hours, or that specifies workstation restrictions in a different format. All of this can be accomplished using subauthentication DLLs, without sacrificing use of the Windows user account database and thereby losing its administration tools.
IIS 5.0 supplies a subauthentication DLL called Iissuba.dll. The function of this DLL, in terms of Anonymous authentication, is to verify that the password is correct, inform the Windows operating system that the password is valid, and hence log on the user.
You can find more information about Windows subauthentication in the Microsoft® Visual Studio® 6.0 online product documentation. Visual Studio 6.0 ships with a subauthentication sample called SubAuth.