
Please tell me what Windows authentication is and the difference between forms authentication and Windows authentication

Updated: 2022-04-18 10:31:57

Kerberos is a protocol that allows the web server to delegate the credentials the client has authenticated with. This is important when the web server accesses any other services which require authentication (typically SQL, AD, another app, web services, etc.). Now you've mentioned using an RSS viewer. So most likely when IIS uses Windows (Kerberos), the logged-in credentials of the client are used as the identity when connecting to the RSS service. But when using forms authentication, IIS doesn't know what credentials the client has logged in with (this is known only in the application). Therefore a request to the RSS service would now go as Anonymous (IUSR_machine) or the Network Service account, which the RSS service doesn't authenticate, hence giving you the 401 errors.

So when using forms authentication, you have to add code to make sure the thread accessing the RSS service runs under the identity of the caller (client). This is done with a concept called protocol transition.

http://msdn.microsoft.com/en-us/library/ms998355.aspx
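
The protocol transition step described in the answer above, as an added example that is not part of the original post: an ASP.NET (.NET Framework) helper that builds a Windows identity from the forms-authenticated user name and fetches the feed under it. The class name `RssFetcher`, the helper `ToUpn`, and the `example.com` UPN suffix are hypothetical; it assumes forms login names match Active Directory account names and that the application pool account is trusted for constrained delegation ("Use any authentication protocol") to the RSS service only.

```csharp
using System;
using System.Net;
using System.Security.Principal;
using System.Web;

public static class RssFetcher
{
    // Hypothetical mapping from a forms login name to a UPN.
    // "example.com" is a constructed suffix; replace with the real domain.
    private static string ToUpn(string formsUserName)
    {
        // Reject names that already carry a domain part, so a user cannot
        // steer the logon toward an account in another realm.
        if (string.IsNullOrWhiteSpace(formsUserName) ||
            formsUserName.IndexOfAny(new[] { '@', '\\', '/' }) >= 0)
        {
            throw new ArgumentException("Unexpected forms user name.");
        }
        return formsUserName + "@example.com";
    }

    public static string FetchFeed(HttpContext context, Uri feedUrl)
    {
        IIdentity formsUser = context.User.Identity;
        if (!formsUser.IsAuthenticated)
        {
            throw new UnauthorizedAccessException("Forms login required.");
        }

        // The UPN constructor performs a Kerberos S4U logon: a Windows token
        // is created for the user without the user's password.
        using (var windowsUser = new WindowsIdentity(ToUpn(formsUser.Name)))
        // Disposing the impersonation context reverts the thread identity.
        using (windowsUser.Impersonate())
        using (var client = new WebClient())
        {
            // Send the impersonated user's credentials instead of the
            // anonymous or Network Service identity that produced the 401.
            client.UseDefaultCredentials = true;
            return client.DownloadString(feedUrl);
        }
    }
}
```

Because the token is created without a password, the forms login is the only thing vouching for the user, so the delegation target list on the application pool account should name the RSS service's SPN and nothing else.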


Please try these links:

Windows Authentication

What is form authentication?
Forms authentication enables you to identify users with a custom database such as an ASP.NET membership database. Alternatively you can implement your own custom database. Once authenticated you can reference the roles the user is in to restrict access to portions of your Web site.

The difference is quite simple: in Windows authentication mode, users will be granted access according to their user rights which you have in Windows. When it comes to the forms-based authentication method, you have to forcibly grant access to users for each form.