Microsoft KB Archive/308532

= Combining authentication methods for personalization and membership =

Article ID: 308532

Article Last Modified on 6/22/2006

-

APPLIES TO


 * Microsoft Site Server 3.0 Commerce Edition
 * Microsoft Site Server 3.0 Standard Edition

-



This article was previously published under Q308532



We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/prodtech/IIS.mspx



SUMMARY
This article clarifies combining authentication methods.



Combining Authentication Methods
Automatic cookie authentication and HTML forms authentication cannot be used with each other or with any other authentication method for the same virtual directory or file.

If you have a file or directory that you want to require HTML forms authentication, only HTML forms authentication must be selected. Anonymous authentication cannot be used with HTML forms authentication. The same is true for automatic cookie authentication. If you want to use automatic cookie authentication, you must use only automatic cookie authentication.

If you want to enable anonymous access only a to file or directory, follow these steps:
 * 1) In the IIS MMC, click the Membership Authentication tab.
 * 2) Select Anonymous and Other password. Do not select Basic or DPA.

