Where does "authentication" get its credentials?
Let's say you create a Virual Directory on your Web Site that points to a shared file
on another server. You are using NTFS authentication/security for access
to the folders/Web pages beneath that shared file (and all of your Web site
for that matter). Does authentication use the credentials you used (when
prompted) to initially create the Vitrual Directory, or does it use the
credentials from the user that actually authenticated the Web Site?
IIS uses the username and password you enter into the Internet Services
Manager only to authenticate for the purposes of accessing the network
share. In other words, the user account you provide to IIS only needs
*share* permissions. All file permissions are handled using the account
provided through the user's browser--or the anonymous IIS account, if
This was first published in October 2001