Microsoft Windows CE 3.0  

Access Rights

Important:
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

The following steps are required to gain access to a Web page that requires authentication ( A>0):

  1. The user must be authenticated for the given virtual path by using NTLM authentication or BASIC authentication, as described above. If this step fails, the user is denied access to the page.
  2. If NTLM authentication is used, the Web server requests information regarding the groups in which the user has membership. If this step fails, the user is assumed to not have membership in any group.
  3. If 0<A<3and the name of the authenticated user (or a group containing the user) is listed in the HKEY_LOCAL_MACHINE\Comm\HTTPD\ AdminUsersregistry key, the user is granted access to the page as an Administrator.
  4. If A=1and the name of the authenticated user (or group containing the user) is listed in the HKEY_LOCAL_MACHINECOMPUTER\Comm\HTTPD\ Vroots\[vroot name]\UserListregistry key, the user is granted access to the Web page.
    Note   At this point, if the authentication level is set to 2, but no users are listed in the administrator list, the user is granted access as an Administrator. This is done for ease of initial setup. However, be aware that the AdminUserslist on the Web server computer should be configured appropriately and as soon as possible, or else the first user to access the site, and who also passes step 1, will be given Administrator privileges. As a result, users could use the administration page to lock themselves in as the Administrator.
  5. If the above conditions fail, the user is denied access to the Web page.

    The Administrative group check is performed only when using NTLM authentication. The user-name check is done for both types of authentication.

    The authentication registry keys support individual users and groups, as well as the ability to exclude specific users and groups. For more information, see User Lists.



     Last updated on Friday, April 02, 2004

    © 2004 Microsoft Corporation. All rights reserved.