Geek Answers Handbook

Disable authentication in subfolders (s) of an ASP.NET application using Windows Authentication

Can I disable Windows authentication in one or more subfolders of an ASP.net application using Windows Authentication?

For instance:

The website contains several other folders that contain parts of the general application: / frontend, / backend, / login

The bin folder is at the same level as the subfolder, i.e. website root.

All of these subfolders contain pages that use binary files that are located in the bin folder of the website root.

The user must enter Windows credentials when visiting the page in the backend folder, but not when visiting the page in the login folder or interface.

I am using IIS7

Any ideas?

+3
source share
2 answers

Found a solution:

  • Corrected the applicationHost.config file and changed the value "overrideModeDefault" to "Allow" for anonymous authentication entries en windowsAuthentication

                <section name="anonymousAuthentication" type="System.WebServer.Configuration.AnonymousAuthenticationSection" overrideModeDefault="Allow" />
            <section name="windowsAuthentication" type="System.WebServer.Configuration.WindowsAuthenticationSection" overrideModeDefault="Allow" />

  • Added location tags in the web.config file for each folder / file that must be excluded from Windows authentication.

       <location path="pathToDirOrFile">
     <system.webServer>
       <security>
        <authentication>
         <anonymousAuthentication enabled="true" />
         <windowsAuthentication enabled="false" />
        </authentication>
       </security>
      </system.webServer>
   </location>

  • Make sure that each of these folders contains a separate web.config file that disables personalization of ID

       <configuration>
    <system.web>
     <identity impersonate="false" />
    </system.web>
   </configuration>
+12
source

NTLM authentication is usually configured in IIS, so you can switch to anonymous authentication for these folders.

alt text

+3
source

More articles:


All Articles