Authentication helps you confirm the identity of users requesting access to your Web sites. IIS supports both challenge-based and login redirection-based authentication methods. Challenge-based authentication methods require clients to respond correctly to a server-initiated challenge. Login redirection-based authentication methods rely on redirection to a login page to determine the identity of the user. You cannot use both authentication methods at the same time. IIS also supports client certificate authentication, which requires configuring Secure Sockets Layer (SSL) for the site.
Notes
Only Anonymous authentication is installed by default. If you want to authenticate clients with IIS, you must install the authentication features you want to use.
| Step | Reference | |
|---|---|---|
 | Read an overview of how to set up an authentication strategy. | |
| Install different types of authentication using the Add Role Services Wizard from Server Manager. | |
| Use IIS 7 to configure authentication. |