CODEWITHSUNDEEP
.netiis
Prasad Rao
Prasad Rao

Reputation: 11

Allow anonymous authentication for a single aspx page?

I have an Asp.Net application that is using a Window authentication enabled & anonymous authentication is disabled. but i need to allow anonymous access to a particular folder in which having a single aspx page, within the application. Note: Entire application that is using a Window authentication enabled & anonymous authentication is disabled. I tried by changing the anonymousAuthentication section's overrideModeDefault from "Deny" to "Allow" in C:\Windows\System32\inetsrv\config\applicationHost.config: Second, after setting overrideModeDefault="Allow" then you can put the following in your web.config: even tried by adding a location tag in web config file

Upvotes: 1

Views: 1609

Answers (1)

Rich-Lang
Rich-Lang

Reputation: 467

You should not change overrideModeDefault. There is a better way to "unlock" that section if you want to.

The easiest way in my opinion is to make this change (which does not include unlocking that section) is inside the ApplicationHost.config. For this, you'd add something like this to the bottom of the ApplicationHost.config just above the closing /configuration tag

<location path="MyAwesomeSite/MyAwesomeAnonFolder">
    <system.webServer>
        <security>
            <authentication>
                <anonymousAuthentication enabled="true" />
            </authentication>
        </security>
    </system.webServer>
</location>

If you really want to place the config in a web.config, you would add something like the following to unlock anonymousAuth for that one site into the ApplicationHost.config

<location path="MyAwesomeSite" overrideMode="Allow">
    <system.webServer>
        <security>
            <authentication>
                <anonymousAuthentication enabled="true" />
            </authentication>
        </security>
    </system.webServer>
</location>

Then you would create a web.config file under the anonymous folder (MyAwesomeAnonFolder) that looks like this:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <security>
            <authentication>
                <anonymousAuthentication enabled="true" />
            </authentication>
        </security>
    </system.webServer>
</configuration>

Upvotes: 1

Related Questions