Enabling Security on MCMS
Because MCMS is so important for all types of portals, it is likely to be the first line of defense in your security scheme. The information and guidance offered in Chapter 6 apply here as well. This section provides special notes regarding security implications for MCMS. You must configure access in three locations: Internet Information Server (IIS), ASP.NET Web.config file, and the MCMS Server Configuration application. The entries you make in these locations depend on the usage scenario and your security preferences. These guidelines are for the most common scenarios.
A public web site should be available to anonymous users, with no authentication required. By default, a new MCMS site requires user authentication, ...