ISA in SBS - yes, it's secure

A central location for SBS ISA specific configuration information relevant to small consulting practices and others smart enough to use the best technology in the world.

Lingo - The Talk of Broadband

Thursday, June 16, 2005

What happens when you use more than 1 authentication type?

I was recently asked what happens when you select more than one authentication type in your web listener?

In this KB article: 295667, How to Allow Third-Party Internet Application Connections Through ISA Server 2000. It suggests 4 methods. Method 2 suggests checking Basic Authentication under Outgoing Web Requests under Properties of your Server. (For ISA 2004 this would be in the Properties of your Web Listener in Authentication.)

The article doesn't mention unchecking Integrated Authentication so this leaves you with both Basic Authentication and Windows Integrated Authentication selected. What's the ISA Server going to do?

The answer is, it will use which ever authentication method the requesting client sends. If the application, in this case, sends only basic authentication, then ISA process it as Basic Authentication. There is no fail over as such. If the data comes as Basic then it'll be processed as Basic. If it comes Integrated, then it'll be processed differently.

ISA doesn't control the authentication method, the client does. It up to us as admins to tell ISA whether it's allowed to process those types of authentication.


Post a Comment

<< Home