Reputation: 354
Running IdentityServer3 in IIS with Anonymous authentication disabled
Is it possible to run IdentityServer3 in IIS (hosted in IIS) with only Windows Authentication enabled? Is it mandatory to have anonymous authentication also enabled? if so, why anonymous authentication is required?
I am running "MVC OWIN Client (Hybrid)" sample application and try to access the IdentityServer3, which is configured only with Windows Authentication in IIS. I am getting response as unauthorized, looks like "MVC OWIN Client (Hybrid)" sample is trying to access the ../dentityServer3/.well-known/openid-configuration' and failing, because anonymous is disabled.
Any suggestions?
Upvotes: 1
Views: 174
Answers (1)
Reputation: 18502
The Microsoft OpenID Connect middleware makes a request to the discovery endpoint to download issuer metadata. This assumes that anonymous access is enabled.
You'd need to statically configure the middleware instead. You try to configure a BackChannelHandler that has Windows authentication enabled. Should work but haven't tried yet.
Upvotes: 1
Related Questions
- IIS Mixed Anonymous and Windows Authentication
- IIS Anonymous Authentication enabled but credentials required
- Skip IdentityServer3 login screen
- Anonymous authentication not working for WCF service: "..... The authentication header received from the server was ''"
- Getting username in an mvc application with no authentication and anonymous authentication enabled in IIS
- WCF service with WsHttpBinding & windows authentication failing with anonymous access error