I have an asp.net version 4 web application that runs in IIS. It has worked well, but suddenly is looking for login.aspx.
I don't have and never have had login.aspx in the application. Why would it look for it now, and how do I fix it?
If this site is virtually a child of another site, then that could be the problem.
web.config files have a virtual inheritance hierarchy. The definition of the login page could be coming from a site higher in the virtual hierarchy.
If the higher web.config were to introduce a different login page, then that would affect your site. You would then have to use your web.config to override the changes made in the higher web.config.
I'm not too sure if you've found the answer already but if you don't need authentication in your website then set the authentication mode to none. Like below
<authentication mode="None"/>
Related
I have a .NET application with all the aspx pages and the main web.config in the root folder but I now have a situation where I need a portal like section for other users. I have created a new folder with it's own unique aspx pages and a second web.config.
I especially need a second web.config to have the <authentication> with a <forms loginUrl="" defaultUrl="> for this portal section and a <authentication> too.
I have implemeted this second web.config in the way I created the first and I am getting this error message:
It is an error to use a section registered as allowDefintion='MachineToApplication'
beyond application level. This error can be caused by a virtual directory not being
configured as an application in IIS.
Now I think the main web.config file is conflicting with the this second webconfig in it's folder. I'm not sure how to fix this, I have seen theories on how this works but no solid code.
Thank you for any suggestions and your time, it is much appreciated.
In IIS, create a virtual directory, under your main application. The local web.config will overide stuff in your main web.config, but still use you main web.config for everything else (i.e. ConnectionStrings, encoding, etc.).
Windows Authentication seems super simple, but I am still having trouble. So I decided to create a brand new Asp web app project with the Windows Authentication template. Of course, this works. In the designer, <asp:LoginName runat="server" /> works, and in code-behind User.Identity.Name works.
The only setting I can find is in web.config: <authentication mode="Windows"/>.
Back to my own web app project, I verified that I have the same web.config setting. However, the asp.LoginName tag and the User.Identity property have a blank string, i.e., no user name. Also, when using <deny users="?"/>
the page returns a 401.2 Access Denied response.
As I am testing both projects on the same dev machine, both in VS2015, the problem cannot be in settings of IIS Express or VS2015. Also using the same Firefox browser, although I also tried IE.
Is there a project setting in VS2015 that I overlooked?
Update:
I kind of solved this issue by copying all project source files to the brand new Asp web app project. In fact, I was in the process of converting a Web Site project to a Web Application project. I still do not know why I could not get Windows Authentication to work by configuration, but at least I can get going with further development.
However, I am still hoping for an answer . . . :-)
On your Web.config you must add:
<authentication mode="Windows" />
Your server must be a member of AD.
Check:
https://support.microsoft.com/en-us/help/323176/how-to-implement-windows-authentication-and-authorization-in-asp-net
You can write whatever you want in web.config, but if the desired mode of authentication is not enabled in [solution]/.vs/config/applicationhost.config , it will not work. Because the leading dot makes this a hidden path, this config is hard to find. No idea if this is a bug or a feature ...
See also my other question on another test case of this problem: https://stackoverflow.com/a/48806942/1845672
I know this has been asked a lot, but I have not been able to find a working solution.
I'm trying to create an intranet website where I want to use Windows Authentication. But for some reason I can't get authentication to work.
I've searched far and wide on MSDN, Stack Overflow, blogs etc. and tried the proposed solutions - to no avail.
Here's what I'm using:
IIS 10.0.14393.0 (real IIS, not express)
Windows 10 (1607)
.NET Framework 4.6.1
ASP.NET MVC 5.2.3
In Visual Studio I created a new empty ASP.NET Web Application and put a checkmark in MVC. Then I added a very simple (Hello World) controller, model and view.
Finally I added the following (which many people claim to be the right solution) to web.config in the system.web section:
<authentication mode="Windows"/>
<authorization>
<allow users="DOMAIN\USER"/>
<deny users="*"/>
</authorization>
In IIS I created a new website, pointed it to the web application folder, and set up a host name which I added to "hosts" file.
Then I enabled the "Windows Authentication" feature under Authentication section.
In Internet Explorer (or Firefox or Chrome for that matter) I navigate to the website, using the route to the controller, and I'm then prompted for credentials. I enter credentials for the domain user, but I'm denied access.
Some people claim that "Anonymous Authentication" in IIS should also be enabled, but for me this doesn't help at all. Same problem.
Also, some people claim that it helps to go to "Providers" for "Windows Authentication" and reorder them to: NTLM, Negotiate. Doesn't change a thing for me.
Then I try to change authorization in web.config to just:
<allow users="*"/>
Doesn't help either.
It's like the auth-thing doesn't talk to AD at all.
Anyone know how to set this up correctly given the described scenario?
UPDATE (dec 8, 2016):
I found a pluralsight video (referenced from the asp.net/mvc website) by Scott Allen, where he explains the different authentication options for MVC5, and when it comes to doing an intranet site with Windows Authentication, it turns out it should be done pretty much like I've described in this question. Only thing is, when I try it out (I used the VS template for MVC and chose Windows Authentication), it only works in IISExpress - not in real IIS (even on same machine and both IISExpress and IIS setup to use Windows Authentication and not allow anonymous). So very frustrating.
You should not use <authorization> tag in ASP.Net MVC. It is meant for ASP.Net Web Form which is based on paths, whereas ASP.Net MVC works with Controllers, Actions and Routes.
In ASP.Net MVC, there are few ways to authenticate user via AD. I personally like to use use OWIN Middleware.
It has few pieces, so I created a sample project in GitHub AspNetMvcActiveDirectoryOwin. You can fork it, and test it right away.
The following three are the main classes -
AccountController
ActiveDirectoryService
OwinAuthenticationService
I have an asp.net '4.5' site (Orion Solarwinds) and I would like to add functionality. This can be done with a virtual directory, but adding anything to that folder will cause a recompile and interrupt service to the user.
It should be possible(and done it many times before) to 'just' add a application. So I should be able to use a separate application pool.
BUT what happens is that even with a index.html file in an empty application with a web.config in there, it still seems to inherit from the host webconfig. Thus this is not a Standalone ASP.Net Application in an existing website. I have tried to decouple this basic application - no joy. How can I fix this?
You can try using inheritInChildApplication by wrapping sections you don't want to inherit in host webconfig with this:
<location path="." inheritInChildApplications="false">
There's more details in this other thread
When I submit a form to other page in my ASP.NET site, it asks for windows authentication. How do I remove this?
There are two ways to set up windows authentication. One is in IIS and one is in web.config. So basically you need to check that there is no <authentication mode="windows"> tag in your main web.config or in a web.config in the specific folder where the aspx page in question is located. Furthermore you also need to go to the IIS manager (inetmgr) and make sure that windows authentication is not enabled in the folder in question.