I am new at a client site and I have a production web application running on Windows Server 2003. When I run try accessing one of the intranet web apps it is asking for Authentication which we do not want to be Authenticated. But when I debug the Application
it runs smoothly with out prompting for Authentication.
My boss doesn't want the Authentication to be provided in the production. It already has the Anonymous Access enabled but it still aksing for the Authentication. I guess all of the Web applications authentication against Active Directory I still need to
figure out it is other wise.
To disable the Authentication do I have to make any option changes in the properties of the web application on the production server in IIS?
The Auhentication dialogue box reads as "The server ..... at Digest requires a Username and password". If I disable the Digest Authentication the page doesn't display at all and I do not even get the Authentication dialogue box at all.
In IIS, remove Windows Authentication and just use Anonymous. If it still asks for authentication, it's using Forms authentication, you can disable that in the web.config.
You should check the anonymous user identity, does it have permission to acces the site folder, and also does network service is granted user for that folder.
You don't need to disable windows authentication because if anonymous is enabled (checked) then windows type is not tried at all.
Regards,
Latek
Happy ASP.NET-ing
Please don't mark as Answer if the post doesn't help you to get the answer.
Hi, Yes the anonymours user has permission to access the site (becuase I see it checked and IUSR_ ... under the username and a password. Does it mean that the anonymous user has permission to access the folder?)
I do not have Windows authentication checked so no worrys on that part.
The other thing I need help with is if I change any of the options per say, "Digest authentication for Windows domain servers" changed (like unchecking and checking again) will requre an IIS reset to see the old functionality? Becuase during the above process
I unchecked the "Digest authentication for Windows domain servers" option and cheked back it again but the app kind of behaves a bit differently even though I checked it back again.
To allow anonymous access to website on IIS, we just need to enable Anonymous access option and disable Integrated Windows Authentication on IIS.
In this case, if we deploy simple website and enable Anonymous access on IIS, does it have the same issue? We need to make sure the Anonymous account has NTFS permissions on the Web site directory.
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question.
The above problem got fixed by simply removing the authorization section in the web.config file. Thanks for the inputs for the above problem.
I have another issue that I am trying to find out. After going through a bit indetail I researched further in our application and we have the following scenario in ASP.NET web.config file and on the IIS.
We have the following in web.config folder which is in the application root folder
------------------------------------------------web.config file in the application's root folder------------------
<identity impersonate="false"/>
<authorization>
<allow users="*"/>
</authorization>
And when user try accessing the site it pops up login window with the message
"The server <xyz server> at Digest requires a username and password". User enters the userid and password and it authenticates and lets him in.
How do we make this login window popup only when user tries to get access to the pages that are in "Admin" folder? Our users's do not want the log in window pop up for any of the pages other than the Add, Edit, Delete pages which are in "Admin" folder.
In this case, you can try to move the Admin folder out of your website and then create a virtual directory in your website through IIS and point it to Admin folder you created above.
By doing so, you can configure your Admin folder using Windows Authentication and configure website using Anonymous access on IIS.
I look forward to receiving your test results.
Thomas Sun
Microsoft Online Community Support
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question.
Member
13 Points
355 Posts
Authentication on our webapp - need help to disable it
Aug 10, 2009 10:19 AM|lusty_learner|LINK
I am new at a client site and I have a production web application running on Windows Server 2003. When I run try accessing one of the intranet web apps it is asking for Authentication which we do not want to be Authenticated. But when I debug the Application it runs smoothly with out prompting for Authentication.
My boss doesn't want the Authentication to be provided in the production. It already has the Anonymous Access enabled but it still aksing for the Authentication. I guess all of the Web applications authentication against Active Directory I still need to figure out it is other wise.
To disable the Authentication do I have to make any option changes in the properties of the web application on the production server in IIS?
The Auhentication dialogue box reads as "The server ..... at Digest requires a Username and password". If I disable the Digest Authentication the page doesn't display at all and I do not even get the Authentication dialogue box at all.
Please advise.
Thanks,
All-Star
25749 Points
10436 Posts
Re: Authentication on our webapp - need help to disable it
Aug 10, 2009 10:22 AM|jeff@zina.com|LINK
In IIS, remove Windows Authentication and just use Anonymous. If it still asks for authentication, it's using Forms authentication, you can disable that in the web.config.
Jeff
Member
13 Points
355 Posts
Re: Authentication on our webapp - need help to disable it
Aug 10, 2009 10:58 AM|lusty_learner|LINK
I looked at the Authentication on IIS for the application and the "Integrated Windows Authentication" is not selected.
When I looked in the web.config file I have
<Authentication mode="Windows" />
under <system.web>
I just need to change the above to <Authentication mode="None" />
is that right?
Member
210 Points
36 Posts
Re: Authentication on our webapp - need help to disable it
Aug 10, 2009 11:16 AM|latek|LINK
You should check the anonymous user identity, does it have permission to acces the site folder, and also does network service is granted user for that folder.
You don't need to disable windows authentication because if anonymous is enabled (checked) then windows type is not tried at all.
Regards,
Latek
Please don't mark as Answer if the post doesn't help you to get the answer.
Member
13 Points
355 Posts
Re: Authentication on our webapp - need help to disable it
Aug 11, 2009 12:16 PM|lusty_learner|LINK
Hi, Yes the anonymours user has permission to access the site (becuase I see it checked and IUSR_ ... under the username and a password. Does it mean that the anonymous user has permission to access the folder?)
I do not have Windows authentication checked so no worrys on that part.
The other thing I need help with is if I change any of the options per say, "Digest authentication for Windows domain servers" changed (like unchecking and checking again) will requre an IIS reset to see the old functionality? Becuase during the above process I unchecked the "Digest authentication for Windows domain servers" option and cheked back it again but the app kind of behaves a bit differently even though I checked it back again.
Thanks.
All-Star
54877 Points
5589 Posts
Re: Authentication on our webapp - need help to disable it
Aug 13, 2009 05:16 AM|Thomas Sun – MSFT|LINK
Hi,
To allow anonymous access to website on IIS, we just need to enable Anonymous access option and disable Integrated Windows Authentication on IIS.
In this case, if we deploy simple website and enable Anonymous access on IIS, does it have the same issue? We need to make sure the Anonymous account has NTFS permissions on the Web site directory.
For more information, see http://support.microsoft.com/kb/324274 (How to configure IIS Web site authentication in Windows Server 2003), http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/9ded7af2-fcb7-4ed2-b007-e19f971f6e13.mspx?mfr=true (Allowing Anonymous Access to Web Sites) and http://support.microsoft.com/kb/812614 (Default permissions and user rights for IIS 6.0).
I look forward to receiving your test results.
Microsoft Online Community Support
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question.
Member
13 Points
355 Posts
Re: Authentication on our webapp - need help to disable it
Aug 17, 2009 10:31 AM|lusty_learner|LINK
Hi,
The above problem got fixed by simply removing the authorization section in the web.config file. Thanks for the inputs for the above problem.
I have another issue that I am trying to find out. After going through a bit indetail I researched further in our application and we have the following scenario in ASP.NET web.config file and on the IIS.
We have the following in web.config folder which is in the application root folder
------------------------------------------------web.config file in the application's root folder------------------
<identity impersonate="false"/>
<authorization>
<allow users="*"/>
</authorization>
---------------------------------------------------------------------------------------------------------------------------------
-------------------------web.config file in the 'Admin' folder-----------------------------
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<authorization>
<allow roles="Fay Asset Database" />
<deny users="*" />
</authorization>
</system.web>
</configuration>
-------------------------------------------------------------------------------------
And when user try accessing the site it pops up login window with the message
"The server <xyz server> at Digest requires a username and password". User enters the userid and password and it authenticates and lets him in.
How do we make this login window popup only when user tries to get access to the pages that are in "Admin" folder? Our users's do not want the log in window pop up for any of the pages other than the Add, Edit, Delete pages which are in "Admin" folder.
Can this be done?
Thanks again!
All-Star
54877 Points
5589 Posts
Re: Authentication on our webapp - need help to disable it
Aug 17, 2009 11:21 PM|Thomas Sun – MSFT|LINK
Hi,
Thanks for your response.
In this case, you can try to move the Admin folder out of your website and then create a virtual directory in your website through IIS and point it to Admin folder you created above.
By doing so, you can configure your Admin folder using Windows Authentication and configure website using Anonymous access on IIS.
I look forward to receiving your test results.
Microsoft Online Community Support
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question.