|
== Features ==
IIS 6.0 and higher support the following [[authentication]] mechanisms:<ref>{{cite web|title=Authentication Methods Supported in IIS 6.0 (IIS 6.0)|url=http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/523ae943-5e6a-4200-9103-9808baa00157.mspx?mfr=true|work=IIS 6.0 Documentation|publisher=Microsoft corporation|accessdate=13 July 2011}}</ref>
*Anonymous authentication
*[[Basic access authentication]]
*[[Digest access authentication]]
*[[Integrated Windows Authentication]]
*UNC authentication
*[[.NET Passport Authentication]] (Removed in Windows Server 2008 and IIS 7.0)<ref name="6 to 7 changes">{{cite web|title=Changes Between IIS 6.0 and IIS 7 Security|url=http://learn.iis.net/page.aspx/110/changes-between-iis-60-and-iis-7-security/|work=IIS.net|publisher=Microsoft Corporation|accessdate=13 July 2011|date=7 February 2010}}</ref>
*Certificate authentication
IIS 7.0 has a modular architecture. Modules, also called extensions, can be added or removed individually so that only modules required for specific functionality have to be installed. IIS 7 includes native modules as part of the full installation. These modules are individual features that the server uses to process requests and include the following:<ref>{{cite web |last=Templin |first=Reagan |title=Introduction to IIS 7 Architecture |url=http://learn.iis.net/page.aspx/101/introduction-to-iis-7-architecture/ |work=IIS.net |publisher=Microsoft Corporation |accessdate=16 July 2011 |date=11 August 2010 |at=IIS 7 Modules}}</ref>
* HTTP modules – Used to perform tasks specific to HTTP in the request-processing pipeline, such as responding to information and inquiries sent in client headers, returning HTTP errors, and redirecting requests.
* Security modules – Used to perform tasks related to security in the request-processing pipeline, such as specifying authentication schemes, performing URL authorization, and filtering requests.
* Content modules – Used to perform tasks related to content in the request-processing pipeline, such as processing requests for static files, returning a default page when a client does not specify a resource in a request, and listing the contents of a directory.
* Compression modules – Used to perform tasks related to compression in the request-processing pipeline, such as compressing responses, applying Gzip compression transfer coding to responses, and performing pre-compression of static content.
* Caching modules – Used to perform tasks related to caching in the request-processing pipeline, such as storing processed information in memory on the server and using cached content in subsequent requests for the same resource.
* Logging and Diagnostics modules – Used to perform tasks related to logging and diagnostics in the request-processing pipeline, such as passing information and processing status to HTTP.sys for logging, reporting events, and tracking requests currently executing in worker processes.
IIS 7.5 includes the following additional or enhanced security features:<ref>{{cite web|title=Available Web Server (IIS) Role Services in IIS 7.5|url=http://technet.microsoft.com/en-us/library/cc753473.aspx|work=Microsoft TechNet|publisher=Microsoft Corporation|accessdate=13 July 2011}}</ref>
* Client Certificate Mapping
* IP Security
* Request Filtering
* URL Authorization
Authentication changed slightly between IIS 6.0 and IIS 7, most notably in that the anonymous user which was named "IUSR_{machinename}" is a built-in account in Vista and future operating systems and named "IUSR". Notably, in IIS 7, each authentication mechanism is isolated into its own module and can be installed or uninstalled.<ref name="6 to 7 changes" />
| 