> I would like to publish several web sites to a group of internal users > using ISA. Currently the users browsers are configured to automatically > attempt integrated windows authentication to these sites and the users > never see a login screen. This makes them very happy, so it is a critical > feature. What makes the users happy is what makes the hackers happy. > If I place ISA server between my users and the web sites and publish them, > can I support this configuration? I know ISA can support publishing of > sites protected by windows authentication, and ISA itself can require a > windows authentication to access the web listener, but I can't seem to > find anyone who has tested the automatic login from IE. The point is that Auto Login is not a good thing. John Tolmachoff MCSE CSSA Engineer/Consultant eServices For You www.eservicesforyou.com