ASP.NET MVC3 and Windows Auth on IIS keeps redirecting to /Account/Login

I'm running MVC3 and a windows auth web application. When I deploy to IIS6 it runs great until I hit a page that requires authentication. It then is auto-redirecting to /Account/Login when I have no trace of that in my application and my web.config is configured to windows auth.

Any ideas?

Here is my entire web.config file: http://pastie.org/1568510

Check whether you have WebMatrix.Data.dll and/or WebMatrix.WebData.dll deployed in the bin directory of your application. If they are there (and you know you don't use them) then try removing them and accessing a page that requires authentication.

In RTM try to add to <appSettings> in Web.config:

<add key="enableSimpleMembership" value="false" />

(Thx to https://stackoverflow.com/questions/4078525/problem-exclusively-using-windows-authentication-in-asp-net-mvc-3-beta#comment-7709871.)

Not sure if you still have the issue or not, but try adding

<add key="autoFormsAuthentication" value="false" />

to your web.config under appSettings. According to here and here, that should solve your problem.

Try override WebMatrix.dll default for login url by adding this to your appSettings (web.config) :

<add key="loginUrl" value="~/Account/LogOn"/>

WebMatrix.dll set the login Url to /Account/Login, if this key isn't set in the config file... It works for me.

In RTM try to add to in Web.config:

<add key="enableSimpleMembership" value="false" />

The above post works. +1 Add this key before adding deployable dependencies.

I had the same issue in my MVC4 project, only my project has Anonymous Authentication disabled outright, so Windows Authentication is always required.

I have no WebMatrix.* in my bin folder, and adding the autoFormsAuthentication and enableSimpleMembership keys to appSettings didn't do it for me.

Instead, I had to comment out the following:

<authentication mode="Forms">
    <forms loginUrl="~/Account/Login" timeout="2880" />
</authentication>

And replace it with this:

<authentication mode="Windows" />

That did the trick.

I was using nopCommerce 2.65 and had this issue.

I did not have any of WebMatrix.Data.dll nor WebMatrix.WebData.dll deployed in the bin folder, but adding

<add key="autoFormsAuthentication" value="false" />
<add key="enableSimpleMembership" value="false" />

in the web.config solved it.

Another way to override "login.aspx url redirection problem with MVC + IIS 7"... by adding this to your appSettings (web.config) :

<authentication mode="Forms">
<!--<forms loginUrl="~/Account/Login" timeout="2880" />-->
<forms loginUrl="~/Home" timeout="2880" />
</authentication>

...This resolved the problem for me

I fixed it this way

1. Go ot IIS
   2) Select your Project
   3) Click on "Authentication"
   4) Click on "Anonymous Authentication" > Edit > select "Application pool identity" instead of "Specific User".
   5) Done.

Make sure that all the authentication settings in IIS are correct.

For me the application that redirected to /Account/Login was running within a site that Anonymous authentication enabled. After disabling this in the site and enabling it for the application (together with Windows authentication) it was ok.

You can also go to the IIS on the server and go into Authentication modes and disable forms authentications.

This has me scratching my head in a demo. Embarassing.

I know this is a super old post. But I just ran across this after going through a tutorial on upgrading from MVC 4 to MVC 5. So I'm throwing it on just in case anyone else makes the mistake I did. My issue ended up being that I accidently added 'Microsoft.AspNet.WebPages.WebData' to my project while upgrading my references.

Running "Uninstall-Package Microsoft.AspNet.WebPages.WebData" restored my authentication to it's previous glory.

In MVC for the 4.6 Framework this is done in 2 ways, the first is in the Web.Config as you would expect, the second one is done in the projectfile and is used to configure IIS Express:

<PropertyGroup>
..
    <IISExpressAnonymousAuthentication>enabled</IISExpressAnonymousAuthentication>
    <IISExpressWindowsAuthentication>disabled</IISExpressWindowsAuthentication>
</Property

Will disable Windows authentication and use anonymous when developing but is not used for the deploying the application.