Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
834 views
in Technique[技术] by (71.8m points)

c# - Disable authentication on subfolder(s) of an ASP.NET app using windows authentication

Is it possible to disable windows authentication on one or more subfolders of an ASP.net application using windows authentication?

For example:

A website contains several other folders that contain parts of the overall application: /frontend, /backend, /login

The bin folder is on the same level as these subfolder, i.e. the root of the website.

All of these subfolders contain pages that use binaries that reside in the bin folder of the root of the website.

The user must input windows credentials when visiting a page in the backend folder, but not when visiting a page in the login or frontend folder.

I'm using IIS7

Any ideas?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Found a solution:

  • Adjusted the applicationHost.config file and changed the "overrideModeDefault" to "Allow" for the anonymousAuthentication en windowsAuthentication section entries

                <section name="anonymousAuthentication" type="System.WebServer.Configuration.AnonymousAuthenticationSection" overrideModeDefault="Allow" />
                <section name="windowsAuthentication" type="System.WebServer.Configuration.WindowsAuthenticationSection" overrideModeDefault="Allow" />
    
  • Added location tags in the web.config for every folder / file that needed to be excluded from windows authentication

       <location path="pathToDirOrFile">
         <system.webServer>
           <security>
            <authentication>
             <anonymousAuthentication enabled="true" />
             <windowsAuthentication enabled="false" />
            </authentication>
           </security>
          </system.webServer>
       </location>
    
  • Made sure each one of those folders contained a separate web.config file that disables identity impersonation

       <configuration>
        <system.web>
         <identity impersonate="false" />
        </system.web>
       </configuration>
    

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...