Jim McAtee wrote: > If I enable Basic Authentication for an IIS 5 web site protected by NTFS ACLs, > will Internet Explorer still use NTLM to authenticate if its able to? In other > words, does enabling Basic Authentication keep IIS from using NTLM, or does it > only enable Basic Authentication as fallback method?
IIRC IIS offers both options to clients, and clients are required to choose the one that offers the strongest security. But the easy way is to check the headers to find out. Telnet to port 80 on the webserver and see what you get. Jochem ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
