IIS Express Windows Authentication
Visual Studio-2010Visual StudioWindows AuthenticationIis ExpressVisual Studio-2010 Problem Overview
I'm trying to use IIS Express with VS2010 to host a silverlight application. I modified my applicationhost.config file to allow for modification of the proper configuration settings. I have the following in my web.config:
<location path="">
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
</location>
I am not being authenticated and my domain service call returns a null record as the user. I was able to get this to work after installing VS2010 SP1 BETA but I'm trying to get this to work with only IIS Express.
How do I enable Windows Authentication to work with IIS Express. Is there a configuration setting that I am missing?
Visual Studio-2010 Solutions
Solution 1 - Visual Studio-2010
Visual Studio 2010 SP1 and 2012 added support for IIS Express eliminating the need to edit angle brackets.
- If you haven't already, right-click a web-flavored project and select "Use IIS Express...".
- Once complete, select the web project and press F4 to focus the Properties panel.
- Set the "Windows Authentication" property to Enabled, and the "Anonymous Authentication" property to Disabled.
I believe this solution is superior to the vikomall's options.
- Option #1 is a global change for all IIS Express sites.
- Option #2 leaves development cruft in the web.config.
- Further, it will probably lead to an error when deployed to IIS 7.5 unless you follow the "unlock" procedure on your IIS server's applicationHost.config.
The UI-based solution above uses site-specific location elements in IIS Express's applicationHost.config leaving the app untouched.
More information here: http://msdn.microsoft.com/en-us/magazine/hh288080.aspx
Solution 2 - Visual Studio-2010
option-1:
edit \My Documents\IISExpress\config\applicationhost.config
file and enable windowsAuthentication, i.e:
<system.webServer>
...
<security>
...
<authentication>
<windowsAuthentication enabled="true" />
</authentication>
...
</security>
...
</system.webServer>
option-2:
Unlock windowsAuthentication section in \My Documents\IISExpress\config\applicationhost.config as follows
<add name="WindowsAuthenticationModule" lockItem="false" />
Alter override settings for the required authentication types to 'Allow'
<sectionGroup name="security">
...
<sectionGroup name="system.webServer">
...
<sectionGroup name="authentication">
<section name="anonymousAuthentication" overrideModeDefault="Allow" />
...
<section name="windowsAuthentication" overrideModeDefault="Allow" />
</sectionGroup>
</sectionGroup>
Add following in the application's web.config
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
</configuration>
Below link may help: http://learn.iis.net/page.aspx/376/delegating-configuration-to-webconfig-files/
After installing VS 2010 SP1 applying option 1 + 2 may be required to get windows authentication working. In addition, you may need to set anonymous authentication to false in IIS Express applicationhost.config:
<authentication>
<anonymousAuthentication enabled="false" userName="" />
for VS2015, the IIS Express applicationhost config file may be located here:
$(solutionDir)\.vs\config\applicationhost.config
and the <UseGlobalApplicationHostFile>
option in the project file selects the default or solution-specific config file.
Solution 3 - Visual Studio-2010
Building upon the answer from booij boy, check if you checked the "windows authentication" feature in Control Panel -> Programs -> Turn windows features on or of -> Internet Information Services -> World Wide Web Services -> Security
Also, there seems to be a big difference when using firefox or internet explorer. After enabeling the "windows authentication" it works for me but only in IE.
Solution 4 - Visual Studio-2010
In addition to these great answers, in the context of an IISExpress dev environment, and in order to thwart the infamous "system.web/identity@impersonate" error, you can simply ensure the following setting is in place in your applicationhost.config file.
<configuration>
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
</system.webServer>
</configuration>
This will allow you more flexibility during development and testing, though be sure you understand the implications of using this setting in a production environment before doing so.
Helpful Posts:
Solution 5 - Visual Studio-2010
In IIS Manager click on your site. You need to be "in feature view" (rather than "content view")
In the IIS section of "feature view" choose the so-called feature "authentication"
and doulbe click it.
Here you can enable Windows Authentication.
This is also possible (by i think in one of the suggestions in the thread) by a setting in the web.config (
But maybe you have a web.config you do not want to scrue too much around with. Then this thread wouldnt be too much help, which is why i added this answer.
Solution 6 - Visual Studio-2010
This answer may help if: 1) your site used to work with Windows authentication before upgrading to Visual Studio 2015 and 2) and your site is attempting to load /login.aspx
(even though there is no such file on your site).
Add the following two lines to the appSettings
section of your site's Web.config
.
<add key="autoFormsAuthentication" value="false" />
<add key="enableSimpleMembership" value="false"/>
Solution 7 - Visual Studio-2010
.vs\config\applicationhost.config not visible or not available.
On the same note - VS 2015, By default .vs folder is hidden (at least in my case).
If you are not able to find the .vs folder, follow the below steps.
- Right click on the Solution folder
- select 'Properties'
- In
Attributes
section, clickHidden
check box(default unchecked), - then click the 'Apply' button
- It will show up confirmation window 'Apply changes to this folder, subfolder and files' option selected, hit 'Ok'.
Repeat step 1 to 5, except onstep 3
, this time you need touncheck
the 'Hidden' option that you checked previously.
Now should be able to see .vs folder.
Solution 8 - Visual Studio-2010
After doing everything in the above answers, I figured out I was not running Visual Studio as Admin. After running as Admin, problem solved.
Solution 9 - Visual Studio-2010
If none of the answers helps, you might need to adjust the project properties. Check this other StackOverflow answer on how to do that:
Solution 10 - Visual Studio-2010
I'm using visual studio 2019 develop against ASP.Net application. Here's what been worked for us:
- Open your Project Property Windows, Disable Anonymous Authentication and Enable Windows Authentication
- In your Web.Config under system.web
<authentication mode="Windows"></authentication>p
And I didn't change application.config in iis express.