Authentication

Internet and Extranet sites require authentication using secure Forms-based logon pages. For reasons of performance, only the initial transaction of username and password between browser and server needs to be SSL secured.

EBDS supports the following Authentication scenarios:

Dedicated SSL Certificate

Each site managed by MCMS has its own certificate. For MCMS Enterprise Edition, IIS would be configured as described in Microsoft Knowledge Base article 810315.

Shared SSL Certificate

One SSL certificate is installed on the server but is used by all sites (in a host-header mapping scenario). This provides a significant cost saving against purchasing multiple SSL certificates, and removes the need for multiple IIS web sites configured as MCMS Entry Points.

No SSL Certificate

For flexibility, SSL can be disabled. This is recommended only when previous secure authentication has occurred; e.g. prior connection to a VPN to access the Authoring Server.