08-19-05 07:54 AM
Hi Kumars,
personalization requires that you know who is sitting at the browser. So it
is mandatory to let the client authenticate to the site as authentication is
the method where the client proofs his identity to the server.
There are several different ways to do authentication:
- windows integrated authenticaton
- basic authenticaton
- digest authenticaton
- client certificate authenticaton
- forms authenticaton
- passport authenticaton
- cookie authentication
- authentication against any other 3rd party authentication system.
windows integrated does not popup an authentication to the user as the
credentials of the user logged in to the machine will automatically be sent
to the server. But this method does not work through proxy servers which
makes it fail in most internet scenarios.
Cookie auth requires the user to login once and then they get a cookie.
After this this cookie will be used to authenticate the user. Prolem:
cookies are bound to a machine and not to a user. In addition cookies can be
stolen and reuse - so it cannot be used where confidential data is being
used.
All other authentication methods usually require a user to login on a form
or using a popup dialog.
So for intranets you can achieve this using windows integrated auth. On an
internet site you will usually require a login.
Cheers,
Stefan
--
This posting is provided "AS IS" with no warranties, and confers no rights
New to MCMS?
Check out this book: Building Websites Using MCMS: http://tinyurl.com/6zj44
----------------------
"kumars" <kumars_07724@coolgoose-dot-com.no-spam.invalid> wrote in message
news:QaOdnT4P57issJjeRVn_vQ@giganews.com...
> We would like to maintain a public MCMS site and would like to provide
> personalized content to registered users without asking for the users
> password (registered users will provide account name only). How do we
> do this with MCMS. We use AD to store users credentials.
>
[ Post a follow-up to this message ]
| 
