Mixing Anonymous Authentication with Windows Authentication in IIS 7
Question
Is there any possible way to mix Anonymous Authentication with Windows Authentication, or even Basic Authentication in IIS 7? My ideal setup would all attempt to authenticate with Windows or Basic Authentication and if that fails fall back to Anonymous Authentication.
The problem I'm running into is that with any of the possible combinations I choose in IIS 7, if Anonymous Authentication is enabled it always defaults to anonymouse regardless of what else is enabled. I understand that this is by design, I'm just trying to find a way around it.
For the record, I'm not attempting to mix Forms Authentication with Windows Authentication, as that's not applicable in my situation.
Thanks
1 answers
solution1
3 ACCPTED 2010-04-28 14:14:23
It depends on what you are trying to achieve. You can mix "anonymous" authentication and Windows Authentication by simply using Windows Authentication. You would then restrict permissions such that some files and folders were not available to the Application Pool's user account and others were. Remember that even Anonymous Authentication is not really anonymous. Every site runs under the context of a set of credentials. In IIS6 for example, that account is typically NETWORK SERVICE. If you need the "anonymous" user to have limited access to some domain resources, then run the Application Pool under a low-level domain account.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.