The Authenticated Access page of the Configure Web Synchronization Wizard lets you specify the authentication methods that will be used to validate client credentials.

Options

Integrated Windows Authentication

Integrated Windows Authentication a secure form of authentication because the user name and password are hashed before being sent across the network.

If you specify Integrated Windows Authentication, you cannot operate over a proxy server or firewall. Therefore, Integrated Windows Authentication can be used for intranet applications, but it is rarely used for Internet applications.

Basic authentication

In Basic authentication, clients are prompted to supply a user name and a password. These details are returned to Microsoft Internet Information Services in an unencrypted form.

If you specify Basic authentication, we recommend that you always use Secure Sockets Layer (SSL) encryption to avoid transmitting the password of the user across the network in an unencrypted form. For more information, see Configuring SSL Encryption.

Default Domain

To configure IIS server to assume a default logon domain, enter the domain name in the Default domain field.

Realm

A term sometimes used for domain, in this case to refer to user domains established for security reasons, not Internet domains. For password-protected files, the name of the protected resource or area on the server. If you try to access the protected resource while browsing, the name of the realm will appear in the dialog box that asks for a user name and password.

Digest authentication and .NET Passport authentication

Digest authentication and .NET Passport authentication are not supported by SQL Server Compact 3.5 applications running on Windows CE-based devices.