IIS 7.5中未启用Windows身份验证

Question

I am just starting to learn ASP.NET. I opened a default ASP.NET application and changed the web.config file to enable Windows authentication.

<authentication mode="Windows">
</authentication>

When I run from VS using the asp.net development server, it is able to detect my windows login and display it. I tried publishing it to the IIS server 7.5 in the same PC and ran from there. Now my windows login is not getting detected. I have enabled the Windows Authentication from the Authentication feature in IIS. What else I might be missing in this case?

Thanks..

Answer 1

Try disabling Anonymous Authentication in IIS 7.5 for that web-site.

• Open IIS Console.
• Select website.
• Double-click "Authentication"
• Ensure "Anonymous Authentication" is disabled

Only "Windows Authentication" should be enabled for your purposes.

The reason this works is that a browser will perform the first request anonymously. If anonymous authentication is enabled this request will succeed, and so the web-server will have no idea who you are.

If you use a tool like Fiddler to examine the network traffic between you and the server, you will notice that you actually get 3 requests if Windows Authentication is the only configured method. The requests get the following responses:

• Request 1: "Please can I log-in anonymously?"
• Response 1: "NO!!!" [HTTP Status Code 401]
• Request 2: "Alright, what do you support?"
• Response 2: "I support Windows Authentication" [HTTP Status Code 401]
• Request 3: "Alright - here's my Windows token"
• Response 3: "Hi RB, here's your web-page" [HTTP Status Code 200]