If you select windows authentication for your application, you also have to configure authentication within IIS. This is because IIS provides Windows authentication. IIS gives you a choice for four different authentication methods: Anonymous,basic,digest and windows you select anonymous authentication, IIS doesn’t perform any authentication, Any one is allowed to access the you select basic authentication, users must provide a windows username and password to connect. How ever this information is sent over the network in clear text, which makes basic authentication very much insecure over the internet.
If you select digest authentication, users must still provide a windows user name and password to connect. However the password is hashed before it is sent across the network. Digest authentication requires that all users be running Internet Explorer5 or later and that windows accounts to stored in active directory.
