How to enable windows authentication??

Discussion in 'ASP.NET / ASP.NET Core' started by tuomo, May 5, 2010.

Thread Status:
Threads that have been inactive for 5 years or longer are closed to further replies. Please start a new thread.
  1. Hello. I have a scheduled task which I want to be password protected. So I want to use Username and Password fields in discountasp's Scheduled Task Manager. Scheduled task must use windows authentication, and that is my problem.

    My scheduled task script is in /ScheduledTask/Task.aspx. I have tried to enable Windows authentication by putting web.config to this directory. web.config:

    <?xml version="1.0"?>
    <configuration>
    <system.webServer>
    <security>
    <authentication>
    <windowsAuthentication enabled="true" />
    </authentication>
    <authorization>
    <remove users="*" roles="" verbs="" />
    <add accessType="Allow" users="myuser" />
    </authorization>
    </security>
    </system.webServer>
    </configuration>

    But this causes an error:
    HTTP Error 500.19 - Internal Server Error
    The requested page cannot be accessed because the related configuration data for the page is invalid.
    This configuration section cannot be used at this path. This happens when the section is locked at a parent level. Locking is either by default (overrideModeDefault="Deny"), or set explicitly by a location tag with overrideMode="Deny" or the legacy allowOverride="false". ​


    Is there anyone who have get this thing working?
     
  2. Bruce

    Bruce DiscountASP.NET Staff

    This is a little confusing... you actually need to set Windows Authentication in ASP.NET but not IIS.

    This is what you want to do

    <system.web>
    ...
    <authentication mode="Windows"/>
    ...
    </system.web>

    If you still have problem, post the complete web.config.
     
  3. Thanks bruce. It works now. I should also remove DomainServiceModule module in web.config.

    <configuration>
    <system.web>
    <authentication mode="Windows"/>
    <authorization>
    <deny users="?"/>
    <allow users="myuser"/>
    </authorization>
    </system.web>
    <system.webServer>
    <modules>
    <remove name="DomainServiceModule"/>
    </modules>
    </system.webServer>
    </configuration>
     
  4. Bruce

    Bruce DiscountASP.NET Staff

    cool.
     
  5. Sorry, I have still problems with that. My page don't ask username and password at all. This is driving me grazy.

    You can check it here: http://www.tuomokuusela.com/ScheduledTask/Task.aspx

    web.config is in my previous reply.

    Are you sure that Windows authentication is enabled in IIS settings?? It looks like I cannot use Windows authentication at all.


    Could someone from aspdiscount staff create tutorial or example which uses authentication for scheduled task.
     
  6. Bruce

    Bruce DiscountASP.NET Staff

    OK.. let me explain..

    On the IIS level, there's an Authentication setting (ie. anonymous, Basic, Digest, Windows.. etc.).

    On the ASP.NET level, there's also an Authentication setting.

    You do not want to touch the IIS Authentication setting for your purpose. You'll want to set it within the ASP.NET level. Note that ASP.NET "Windows" Authentication is NOT the same as IIS Windows Authentication. IIS Windows authentication means that the web server will use Active Directory to validate the user which is almost useless unless you are working on an Intranet application where the server and the browser are located in the same domain.

    This is how you need to password protect a directory / page with Basic Authentication.

    1) Mark the directory as an application root in the application root tool in the control panel (you need to do this because you can only have 1 authentication scheme in an application)

    2) Put the followings in the web.config

    <?xml version="1.0" encoding="UTF-8"?>
    <configuration>

    <system.web>
    <authentication mode="Windows" />
    </system.web>

    <location path="default.aspx">
    <system.web>
    <authorization>
    <deny users="?" />
    </authorization>
    </system.web>
    </location>

    </configuration>

    The above example tells ASP.NET to ask for username / password for the default.aspx page.

    If you want to password protect the whole directory, this is what you do

    <?xml version="1.0" encoding="UTF-8"?>
    <configuration>

    <system.web>
    <authentication mode="Windows" />
    <authorization>
    <deny users="?" />
    </authorization>
    </system.web>

    </configuration>
     
  7. I have done exactly what you explained. With these settings my asp.net application should ask username and password, is that right? But it doesn't ask! It only gets me Access is denied page. You can see that there http://www.tuomokuusela.com/ScheduledTask/Task.aspx
     
  8. I had IIS basic authentication disabled at root level web.config. Now I have enabled IIS basic authentication in web.config in the subdir. Okay, now it asks the username and password. Thats good.

    But there is yet something wrong in my web.config. After password prompt I get an Parser Error page. It says:

    Server Error in '/ScheduledTask' Application.
    Parser Error
    Description: An error occurred during the parsing of a resource required to service this request. Please review the following specific parse error details and modify your source file appropriately.

    Parser Error Message: Could not load type 'Polttoaine.Web.ScheduledTask.Task'.

    Source Error:

    Line 1: <%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Task.aspx.cs" Inherits="Polttoaine.Web.ScheduledTask.Task" %>
    Line 2:
    Line 3: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


    Source File: /ScheduledTask/Task.aspx Line: 1
     
  9. Bruce

    Bruce DiscountASP.NET Staff

    this is a different error.. you will get it whether it is password protected or not.

    You either didn't upload all the dlls (into the /scheduledTask/bin directory) or you didn't upload all the code files.
     
Thread Status:
Threads that have been inactive for 5 years or longer are closed to further replies. Please start a new thread.

Share This Page