Security

How Access Is Determined

When a user attempts to access a resource through IIS 5.0, a number of technologies come into play. The following figure provides an overview of this process:

In the interest of simplicity, the figure above shows many paths leading to Access Denied. In fact, some paths yield a 401 or 403 HTTP error. A real Access Denied message can prompt the user to re-enter the user name and password; a 401 or 403 cannot.

See the following:

• IP Address Access Control
• User Access Control
• IIS 5.0 Access Control
• Custom Authentication
• NTFS File System Permissions

© 1997-1999 Microsoft Corporation. All rights reserved.