【正文】 s. Understanding the options that are available to you and how they interrelate is an important first step in designing a site that restricts access to some or all of its resources or that personalizes content for individual users. Authentication Authentication enables the recipient of a request to ascertain the caller39。s resources. This article, the first in a twopart series, explains the ABCs of Web security as seen through the eyes of and includes a handson tutorial demonstrating Windows authentication and ACL authorizations. A range of security measures and authentication methods are discussed, including basic authentication, digest authentication, and rolebased security. There39。s identity available to . Let39。微軟因特網(wǎng)信息服務(wù)（ IIS）管理員都太在意 IIS過去的安全漏洞和幾個來自微軟的補(bǔ)丁和安全更新。在這一部分中，您將了解 IIS 和 Windows 連接，以及如何將這三個部分整合結(jié)合起來用以保護(hù)資源使用 Windows 身份驗(yàn)證和訪問控制列表（ ACL）文件授權(quán)。 IIS 驗(yàn)證鮑勃和請求轉(zhuǎn)發(fā)到 以及一個訪問令牌識別鮑勃。 當(dāng)選擇 Windows 身份驗(yàn)證時， IIS尋求幫助。 。 網(wǎng)絡(luò)應(yīng)用安全問題是一個很重要的問題，是因?yàn)楸举|(zhì)上這些應(yīng)用（并且容易受到攻擊和誤用）對于絕大部分的用戶是開放的。ll learn how integrates with IIS and Windows and how the three can be bined to protect resources using Windows authentication and access control list (ACL) file authorizations. Part two of this article will cover forms authentication—a cool new feature of that lets you secure sites using a bination of formbased logins and URL resource authorizations. Understanding Web Security At the application level, Web security is first and foremost about securing pages so that they can39。s an old adage among developers that says building security into software is like paying taxes. You know it39。s say Windows authentication is enabled and Bob requests an ASPX file. IIS authenticates Bob and forwards the request to