0

I'm trying to setup a .net framework site to use windows authentication, but am having trouble getting the login prompt to go away. The culprit seems to be that disabling anonymous authentication in IIS adds the below item to my web.config, which enables the anonymous authentication setting in VS and locks it.

<system.webServer>
    <security>
        <authentication>
            <anonymousAuthentication enabled="false" />
        </authentication>
    </security>
</system.webServer>

locked VS setting

I've manually added and removed that line from the config, and every time I add the line, it has the same behavior; anonymous authentication in VS becomes enabled and locked.

This behavior has not occurred for me on any other site using windows authentication. I created the project this morning, so there are not .net version change issues.

If it matters, my project is setup on .NET Framework 4.7.1 and I've pointed IIS at the project folder rather than a publish directory.

I have already done each of the below separately

  • verified that NTLM is the first provider in IIS
  • added <allow users="*" /> and <deny users="?" /> to my web config
  • added <windowsAuthentication enabled="true" /> to my web config
R Stevens
  • 65
  • 6
  • Each project in vs has a applicationhost.config, maybe it affects the anonymous authentication and windows authentication. Please check it. It locates on DRIVE:\MYPROJECT\.vs\config\applicationhost.config – Bruce Zhang Sep 27 '21 at 07:09
  • below is what applicationhost.config had in relation to authentication. I updated anonymous to true, windows to false, and moved NTLM up to bring this file in line with the IIS settings and what I need, but it had no effect on the behavior... I'm going to try recreating the project from scratch. – R Stevens Sep 27 '21 at 15:17

1 Answers1

0

TLDR: answered here: ASP.NET Calling WebMethod with jQuery AJAX "401 (Unauthorized)"

I'm still unclear why Anonymous Authentication is set to Enabled and I'm unable to change it in VS, but I've addressed the prompting. As it turns out, the prompts were occuring only when the js attempted to call the webmethods I'd setup.

The link goes into more detail, but the below change needed to be made to RouteConfig.RegisterRoutes...

        //settings.AutoRedirectMode = RedirectMode.Permanent;
        settings.AutoRedirectMode = RedirectMode.Off;
R Stevens
  • 65
  • 6