Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
840 views
in Technique[技术] by (71.8m points)

c# - Disable authentication on subfolder(s) of an ASP.NET app using windows authentication

Is it possible to disable windows authentication on one or more subfolders of an ASP.net application using windows authentication?

For example:

A website contains several other folders that contain parts of the overall application: /frontend, /backend, /login

The bin folder is on the same level as these subfolder, i.e. the root of the website.

All of these subfolders contain pages that use binaries that reside in the bin folder of the root of the website.

The user must input windows credentials when visiting a page in the backend folder, but not when visiting a page in the login or frontend folder.

I'm using IIS7

Any ideas?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

Found a solution:

  • Adjusted the applicationHost.config file and changed the "overrideModeDefault" to "Allow" for the anonymousAuthentication en windowsAuthentication section entries

                <section name="anonymousAuthentication" type="System.WebServer.Configuration.AnonymousAuthenticationSection" overrideModeDefault="Allow" />
                <section name="windowsAuthentication" type="System.WebServer.Configuration.WindowsAuthenticationSection" overrideModeDefault="Allow" />
    
  • Added location tags in the web.config for every folder / file that needed to be excluded from windows authentication

       <location path="pathToDirOrFile">
         <system.webServer>
           <security>
            <authentication>
             <anonymousAuthentication enabled="true" />
             <windowsAuthentication enabled="false" />
            </authentication>
           </security>
          </system.webServer>
       </location>
    
  • Made sure each one of those folders contained a separate web.config file that disables identity impersonation

       <configuration>
        <system.web>
         <identity impersonate="false" />
        </system.web>
       </configuration>
    

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...