I have an IIS-7-hosted website which is accessible by everyone (public domain), and it has several applications inside it. But I want only some of these applications to be accessible by everyone. The others must be accessible only through my company's local network. How can I do this?
A:
You can control access to your sites be enforcing authentication and authorization rules on your private applications.
However...
I strongly recommend running Intranet applications and Internet applications in separate IIS web sites, and use your network firewall to prevent all Internet access to your Intranet site.
kbrimington
2010-08-03 05:49:48
which authentication/authorization rules? How do I change those?
Raze2dust
2010-08-03 06:22:10
@Raze2dust: I'd suggest reading up on Integrated Windows Authentication (if it applies to your Intranet environment), and Forms Authentication. Configuration options are available in IIS Manager, in the Authentication module (click a site, then select Authentication from the workspace pane). With authentication configured, you may find this resource useful to handle authorization: http://support.microsoft.com/kb/316871.Good luck!
kbrimington
2010-08-03 06:44:33