Finally, starting with the beta 3, IIS 6.0 integrates Passport (www.passport.com) as a supported authentication mechanism in addition to anonymous, Windows, digest, and basic. Passport is Microsoft's service for Internet authentication that implements a single sign-on model for access to sites created by different organizations. The integration with IIS 6.0 tightly couples .NET Passport authentication with the core Web server, and uses .NET Passport version 2 interfaces provided by standard .NET Passport components. This is a welcome addition because previously developers had to download the Passport SDK and make specific coding changes to their ASP and ASP.NET applications to enable Passport authentication.
After a Passport user has been authenticated, they can be mapped to an Active Directory account, as configured by the administrator. A token is then created by the Local Security Authority (LSA) for the user and set by IIS for the HTTP request. Developers can then use this information in deciding which actions the user can take within the Web site.