Website Authentication

From WebWatchBotWiki
Jump to: navigation, search

Website authentication is the method by which one can grant or deny access to a website either by requiring the user to log in or not. There are five types of authentication on Windows based web servers, which are explained in detail here, and listed here:

  • Anonymous access
  • Integrated Windows authentication
  • Digest authentication for Windows domain servers
  • Basic authentication
  • Microsoft .NET Passport authentication

WebWatchBot supports these types of authentication methods via the HTTP Watch Type. It is worth noting that these types of authentication are different than form based authentication as the user is prompted with a pop-up window like the following:
website_authentication.gif The example login shows that basic authentication is used

website_authentication_iwa.gif The example login shows that IWA (Integrated Windows Authentication) authentication is used



To determine which type of authentication method your website uses, you will need to contact your system administrator or view the security properties of your website. For example:


auth_iis_5_1.gif IIS 5.1 (Windows XP Professional)

auth_iis_6_0.gif IIS 6.0 (Windows Server 2003)


Once the authentication method is determined, specify the username and password in WebWatchBot: Open a Watch Item's properties, click on the "Settings" button, select the "Advanced" tab:
http_advanced.gif

  • Anonymous access - No username and password required
  • Integrated Windows authentication - Specify a username and password that is a Windows User Account for the machine that the web server resides on.
  • Digest authentication for Windows domain servers - Specify a username and password that is a Active Directory User Account for the machine that the web server resides on. NOTE: you may need to specify the domain name with the username, e.g. DOMAINNAME/USERNAME.
  • Basic authentication - Specify a username and password that is a Windows User Account for the machine that the web server resides on. NOTE: Depending on whether the "Default Domain" and/or "Realm" are specified in the IIS security settings, you may need to specify the domain name with the username, e.g. DOMAINNAME/USERNAME.
  • Microsoft .NET Passport authentication - Specify a username and password that is a .NET passport account.