Windows Authentication not working in IIS Express, debugging with Visual studio 2013, Windows 8

19
votes

I just upgraded my application from Visual studio 2012 to Visual studio 2013. My windows authentication is not working any more. It is giving me below error.

     HTTP Error 401.2 - Unauthorized
     You are not authorized to view this page due to invalid authentication headers.

In visual studio there is option to select authentication from website properties itself. So I disabled anonymous access and enable windows authentication but it is asking me for username and password as below popup. Even if I give domain credentials here. Its is still giving me this popup again and again.

enter image description hereenter image description here

Web Config :

     <authentication mode="Windows" />
     <authorization>
     <deny users="?" />
     </authorization>
     <identity impersonate="false" />
     <trace enabled="true" />

IIS Express aspnetConfig :

     <authentication>

            <anonymousAuthentication enabled="false" userName="" />

            <basicAuthentication enabled="false" />

            <clientCertificateMappingAuthentication enabled="false" />

            <digestAuthentication enabled="false" />

            <iisClientCertificateMappingAuthentication enabled="false">
            </iisClientCertificateMappingAuthentication>

            <windowsAuthentication enabled="true">
                <providers>
                    <add value="Negotiate" />
                    <add value="NTLM" />
                </providers>
            </windowsAuthentication>

        </authentication>

        <authorization>
            <add accessType="Allow" users="*" />
        </authorization>



        <location path="Path">
        <system.webServer>
        <security>
            <authentication>
                <windowsAuthentication enabled="true" />
                <anonymousAuthentication enabled="false" />
            </authentication>
        </security>
        </system.webServer>
        </location>

Let me know if you want more details on this.

Update :

I found out that if I remove below line from web.config than it start working.

     <remove users="*" roles="" verbs="" />
4
visual-studio-2013windows-authenticationiis-express

4 Answers

22
votes

Be careful with the applicationhost.config modifications - in Visual Studio 2015 I've found that it sometimes resides in the local project directory.

For example:

DRIVE:\MYPROJECT\.vs\config\applicationhost.config

If you're not sure which applicationhost config file is being used, you can monitor file access with ProcMon & then narrow down the results based on "Path" to see what VS is actually reading at Debug time.

Update: This appears to be the behavior in Visual Studio 2017 as well.

16
votes

It looks like you solved your own question! Good on you. In addition to this post helping me I found the following to be SUPER helpful in configuring my IIS Express.

IIS Express Windows Authentication

Edit: I've copied the important information from the associated link in case it dies. This is completely from user vikomall

option-1:

edit \My Documents\IISExpress\config\applicationhost.config file and enable windowsAuthentication, i.e:

<system.webServer>
...
  <security>
...
    <authentication>
      <windowsAuthentication enabled="true" />
    </authentication>
...
  </security>
...
</system.webServer>

option-2:

Unlock windowsAuthentication section in \My Documents\IISExpress\config\applicationhost.config as follows

<add name="WindowsAuthenticationModule" lockItem="false" />

Alter override settings for the required authentication types to 'Allow'

<sectionGroup name="security">
    ...
    <sectionGroup name="system.webServer">
        ...
        <sectionGroup name="authentication">
            <section name="anonymousAuthentication" overrideModeDefault="Allow" />
            ...
            <section name="windowsAuthentication" overrideModeDefault="Allow" />
    </sectionGroup>
</sectionGroup>

Add following in the application's web.config

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
      <security>
        <authentication>
          <windowsAuthentication enabled="true" />
        </authentication>
      </security>
    </system.webServer>
</configuration>

Below link may help: http://learn.iis.net/page.aspx/376/delegating-configuration-to-webconfig-files/

After installing VS 2010 SP1 applying option 1 + 2 may be required to get windows authentication working. In addition, you may need to set anonymous authentication to false in IIS Express applicationhost.config:

<authentication>

            <anonymousAuthentication enabled="false" userName="" />
5
votes

In Visual Studio 2017, asp.net core project, the authentication is setup at launchSettings.json

{
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "http://localhost:54491/",
      "sslPort": 0
    }
  },
  "profiles": {
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "launchUrl": "api/values",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "TestAspNetCoreProd": {
      "commandName": "Project",
      "launchBrowser": true,
      "launchUrl": "api/values",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      },
      "applicationUrl": "http://localhost:54492"
    }
  }
}
3
votes

For Visual Studio 2019 the applicationhost.config will be found in

DRIVE:\MYPROJECT\.vs\$(PROJECTNAME)\config\applicationhost.config