248
votes

I'm trying to use IIS Express with VS2010 to host a silverlight application. I modified my applicationhost.config file to allow for modification of the proper configuration settings. I have the following in my web.config:

<location path="">
  <system.webServer>
    <security>
      <authentication>
        <anonymousAuthentication enabled="false" />
        <windowsAuthentication enabled="true" />
      </authentication>
    </security>
  </system.webServer>
</location>

I am not being authenticated and my domain service call returns a null record as the user. I was able to get this to work after installing VS2010 SP1 BETA but I'm trying to get this to work with only IIS Express.

How do I enable Windows Authentication to work with IIS Express. Is there a configuration setting that I am missing?

10

10 Answers

277
votes

option-1:

edit \My Documents\IISExpress\config\applicationhost.config file and enable windowsAuthentication, i.e:

<system.webServer>
...
  <security>
...
    <authentication>
      <windowsAuthentication enabled="true" />
    </authentication>
...
  </security>
...
</system.webServer>

option-2:

Unlock windowsAuthentication section in \My Documents\IISExpress\config\applicationhost.config as follows

<add name="WindowsAuthenticationModule" lockItem="false" />

Alter override settings for the required authentication types to 'Allow'

<sectionGroup name="security">
    ...
    <sectionGroup name="system.webServer">
        ...
        <sectionGroup name="authentication">
            <section name="anonymousAuthentication" overrideModeDefault="Allow" />
            ...
            <section name="windowsAuthentication" overrideModeDefault="Allow" />
    </sectionGroup>
</sectionGroup>

Add following in the application's web.config

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
      <security>
        <authentication>
          <windowsAuthentication enabled="true" />
        </authentication>
      </security>
    </system.webServer>
</configuration>

Below link may help: http://learn.iis.net/page.aspx/376/delegating-configuration-to-webconfig-files/

After installing VS 2010 SP1 applying option 1 + 2 may be required to get windows authentication working. In addition, you may need to set anonymous authentication to false in IIS Express applicationhost.config:

<authentication>

            <anonymousAuthentication enabled="false" userName="" />

for VS2015, the IIS Express applicationhost config file may be located here:

$(solutionDir)\.vs\config\applicationhost.config

and the <UseGlobalApplicationHostFile> option in the project file selects the default or solution-specific config file.

403
votes

Visual Studio 2010 SP1 and 2012 added support for IIS Express eliminating the need to edit angle brackets.

  1. If you haven't already, right-click a web-flavored project and select "Use IIS Express...".
  2. Once complete, select the web project and press F4 to focus the Properties panel.
  3. Set the "Windows Authentication" property to Enabled, and the "Anonymous Authentication" property to Disabled.

enter image description here

I believe this solution is superior to the vikomall's options.

  • Option #1 is a global change for all IIS Express sites.
  • Option #2 leaves development cruft in the web.config.
    • Further, it will probably lead to an error when deployed to IIS 7.5 unless you follow the "unlock" procedure on your IIS server's applicationHost.config.

The UI-based solution above uses site-specific location elements in IIS Express's applicationHost.config leaving the app untouched.

More information here: http://msdn.microsoft.com/en-us/magazine/hh288080.aspx

9
votes

Building upon the answer from booij boy, check if you checked the "windows authentication" feature in Control Panel -> Programs -> Turn windows features on or of -> Internet Information Services -> World Wide Web Services -> Security

Also, there seems to be a big difference when using firefox or internet explorer. After enabeling the "windows authentication" it works for me but only in IE.

5
votes

In addition to these great answers, in the context of an IISExpress dev environment, and in order to thwart the infamous "system.web/identity@impersonate" error, you can simply ensure the following setting is in place in your applicationhost.config file.

<configuration>
    <system.webServer>
        <validation validateIntegratedModeConfiguration="false" />
    </system.webServer>
</configuration>

This will allow you more flexibility during development and testing, though be sure you understand the implications of using this setting in a production environment before doing so.

Helpful Posts:

2
votes

In IIS Manager click on your site. You need to be "in feature view" (rather than "content view")

In the IIS section of "feature view" choose the so-called feature "authentication" and doulbe click it. Here you can enable Windows Authentication. This is also possible (by i think in one of the suggestions in the thread) by a setting in the web.config ( ...)

But maybe you have a web.config you do not want to scrue too much around with. Then this thread wouldnt be too much help, which is why i added this answer.

0
votes

This answer may help if: 1) your site used to work with Windows authentication before upgrading to Visual Studio 2015 and 2) and your site is attempting to load /login.aspx (even though there is no such file on your site).

Add the following two lines to the appSettingssection of your site's Web.config.

<add key="autoFormsAuthentication" value="false" />
<add key="enableSimpleMembership" value="false"/>
0
votes

On the same note - VS 2015, .vs\config\applicationhost.config not visible or not available.

By default .vs folder is hidden (at least in my case).

If you are not able to find the .vs folder, follow the below steps.

  1. Right click on the Solution folder
  2. select 'Properties'
  3. In Attributes section, click Hidden check box(default unchecked),
  4. then click the 'Apply' button
  5. It will show up confirmation window 'Apply changes to this folder, subfolder and files' option selected, hit 'Ok'.

    Repeat step 1 to 5, except on step 3, this time you need to uncheck the 'Hidden' option that you checked previously.

Now should be able to see .vs folder.

0
votes

After doing everything in the above answers, I figured out I was not running Visual Studio as Admin. After running as Admin, problem solved.

0
votes

If none of the answers helps, you might need to adjust the project properties. Check this other StackOverflow answer on how to do that:

https://stackoverflow.com/a/20857049/56621

0
votes

I'm using visual studio 2019 develop against ASP.Net application. Here's what been worked for us:

  1. Open your Project Property Windows, Disable Anonymous Authentication and Enable Windows Authentication
  2. In your Web.Config under system.web

<authentication mode="Windows"></authentication>p

And I didn't change application.config in iis express.