Important: |
---|
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
A version of this page is also available for
4/8/2010
A Web page requires authentication when the authorization level set in Avalue in the registry in HKEY_LOCAL_MACHINE\COMM\HTTPD\VROOTS\</ Vroot Name> subkey is greater than zero (0). For more information, see Virtual Path Registry Settings.
The following steps must be performed sequentially to gain access to a Web page that requires authentication:
- The user must be authenticated for the given virtual path by
using NTLM authentication or Basic authentication. If this step
fails, the user is denied access to the page.
- If NTLM authentication is used, the Web Server requests
information regarding the groups in which the user has membership.
If this step fails, the user is assumed to not have membership in
any group.
- If 0<
A<3 and the name of the authenticated user (or a group
containing the user) is listed in the
HKEY_LOCAL_MACHINE\COMM\HTTPD\AdminUsersregistry key, the
user is granted access to the page as an Administrator. For more
information about the registry setting, see
Base Registry
Settings.
Note: Users that are members of this list have access to all virtual roots on the device, even if they have been explicitly denied access in the UserListregistry value for a specific virtual root. If A=1 and the name of the authenticated user (or a group containing the user) is listed in the HKEY_LOCAL_MACHINE\COMM\HTTPD\VROOTS\</ Vroot Name> \UserListregistry key, the user is granted access to the Web page.If the previous conditions fail, the user is denied access to the Web page.
The Administrative group check is performed only when using NTLM authentication. The user name check is done for both types of authentication.
The authentication registry keys support individual users and groups, as well as the ability to exclude specific users and groups. For more information, see Web Server User Lists.