I have trouble understanding HTTP endpoint authentication.
My first problem is understanding which authentication methods would work over the internet and which are intranet only. Can somebody confirm my following understanding?
Please don't point me to an msdn link, I've been trying to make sense of them for days.
BASIC AUTHENTICATION - Web Access Link
Check submitted credentials against server local windows account only - not a domain account.
DIGEST AUTHENTICATION - Web Access Link
Check submitted credentials against windows domain account only ( 2003 ).
NTLM AUTHENTICATION - Intranet Access Link
Windows 95 to NT credentials authenticated within an intranet.
KERBEROS AUTHENTICATION - Web Access or Intranet Access
Windows 2000 to Windows 2003 domain credentials authenticated over intranet or web communications link.
INTEGRATED AUTHENTICATION
Negotiates NTLM or Kerberos depending on client.
My second issue is the LOGIN_TYPE parameter.
I don't understand this as I understood HTTP endpoints to always be windows authenticated on to the endpoint server with trusted authentication on to SQL Server.
If you specify LOGIN_TYPE = MIXED, I assume extra credentials need to be sent to the endpoint for SQL Server login?
Dazed and confused
My first problem is understanding which authentication methods would work over the internet and which are intranet only. Can somebody confirm my following understanding?
Please don't point me to an msdn link, I've been trying to make sense of them for days.
BASIC AUTHENTICATION - Web Access Link
Check submitted credentials against server local windows account only - not a domain account.
DIGEST AUTHENTICATION - Web Access Link
Check submitted credentials against windows domain account only ( 2003 ).
NTLM AUTHENTICATION - Intranet Access Link
Windows 95 to NT credentials authenticated within an intranet.
KERBEROS AUTHENTICATION - Web Access or Intranet Access
Windows 2000 to Windows 2003 domain credentials authenticated over intranet or web communications link.
INTEGRATED AUTHENTICATION
Negotiates NTLM or Kerberos depending on client.
My second issue is the LOGIN_TYPE parameter.
I don't understand this as I understood HTTP endpoints to always be windows authenticated on to the endpoint server with trusted authentication on to SQL Server.
If you specify LOGIN_TYPE = MIXED, I assume extra credentials need to be sent to the endpoint for SQL Server login?
Dazed and confused