Best practices when you publish two or more internal Web sites that use authentication on an Internet Security and Acceleration Server 2004-based computer (886998)



The information in this article applies to:

  • Microsoft Internet Security and Acceleration Server 2004, Standard Edition

INTRODUCTION

This article discusses best practices when you publish two or more internal Web sites that use authentication on a Microsoft Internet Security and Acceleration (ISA) Server 2004-based computer.

MORE INFORMATION

We recommend that you publish only one Web site for each Web listener when you use authentication on an ISA Server 2004-based computer.

We also recommend that you do not use the same external name to publish two or more internal Web sites. The internal Web site selection is based on the URL path prefix of the client. Therefore, this kind of deployment is potentially problematic. For example, the Microsoft Outlook Web Access (OWA) Forms-Based Authentication filter always prompts users to enter their logon credentials, even for connections to other virtual directories. The OWA filter does not differentiate a client request based on the URL path. Therefore, an OWA cookie may reach the wrong internal Web site.

Modification Type:MajorLast Reviewed:11/4/2004
Keywords:kbhowto kbinfo KB886998 kbAudITPRO