ASP.NET Core disable Windows Authentication

Question

I have .NET Core MVC web application where during creation I set Windows authentication. Now I want to disable Windows authentication and enable anonymous authentication (I have my own authentication mechanism). Here is what I have set in my config file

.vs\config\applicationhost.config

  <security>
    <authentication>
      <anonymousAuthentication enabled="true" />
      <windowsAuthentication enabled="false" />
    </authentication>
  </security>

My problem is that when I reopen the solution and run it, the config is changing to:

  <security>
    <authentication>
      <anonymousAuthentication enabled="false" />
      <windowsAuthentication enabled="true" />
    </authentication>
  </security>

How it's possible that something is changing the config and what should I do to prevent this change?

Jozef Izso Jozef Izso · Accepted Answer · 2019-01-03T21:42:00

The file is managed by Visual Studio and it is being regenerated.

To disable Windows Authentication, you must change project settings is Visual Studio. This setting is stored in the launchSettings.json file and Visual Studio generates applicationhost.config for the IIS Express process - when ASP.NET Core is hosted in the IIS Express.

Details about this configuration are here: https://docs.microsoft.com/en-us/aspnet/core/security/authentication/windowsauth?view=aspnetcore-2.2

ASP.NET Core disable Windows Authentication

1 Answers