An authentication method for directory security on a web server. Integrated Windows authentication uses a cryptographic exchange with the user’s Windows Internet Explorer web browser to confirm the identity of the user, and thus authenticate the user to access the web server resource (such as a web service or a file).