Disable Extended Protection for Authentication (EPA) in IIS Express

Asked Feb 13 '18 at 13:32

Active Feb 13 '18 at 13:32

Viewed 521 times

I am currently working with VS2017 (15.5.5), on a Angular 5 & ASP.NET Core 2.0 project. I faced an issue with Windows Authentication, when the login expires in Chrome and Firefox (worked well on IE 11), it shows me a login popup which loops upon each submission. I suspect that this problem is caused by the fact these two browsers don't support EPA (Extended Protection for Authentication), thanks to this following answer:

https://stackoverflow.com/a/5752668/6192580

The answer from the above URL, gives a solution to disable it on IIS. Now, my question is how to disable it in IIS Express, for development time, what should I edit in .vs\config\applicationhost.config or in the configuration methods of my ASP.NET Core project ?

asked Feb 13 '18 at 13:32

Aymen Turki

https://jexusmanager.com You should be able to configure Windows authentication via Jexus Manager. – Lex Li Feb 13 '18 at 15:15
Thank you, but I wished to get the way to do it without installing anything, just manually updating a config file for example. If your tool does it, it should be possible. – Aymen Turki Feb 14 '18 at 10:48

Disable Extended Protection for Authentication (EPA) in IIS Express

0 Answers0