Authentication methods
The access policy and publishing rules of Microsoft Internet Security and Acceleration (ISA) Server can be configured to allow or deny a set of computers (client address sets) or a group of users from accessing specific servers. If the rule applies specifically to users, then the ISA Server checks the Web request properties for listeners on the array to determine how the user should be authenticated.
You can configure incoming and outgoing Web request settings so that users must always be authenticated by ISA Server before processing rules. This ensures that requests are allowed only if the user making the request is authenticated. For more information, see Require authentication for all Web requests.
You can also configure which authentication method to use. You can configure different authentication methods for incoming Web requests and for outgoing Web requests.
ISA Server supports the following authentication methods:
| • | |
| • | |
| • | |
| • |
Caution
| • | Microsoft Internet Explorer 5 supports all the authentication methods. Other Web browsers may support only the Basic authentication method. Be sure that the client Web browsers can use at least one of the authentication methods that you specify in an array's incoming Web request and outgoing Web request properties. Otherwise, the client will not be able to access the requested object. |
