IIS7 Setup Integrated Windows Authentication like in IIS6

Question

This is for IIS 7 on a Windows Server 2008 that is not part of an AD domain   I would like to password protect a website  where people have to enter a username password  a windows account for example  to view the website   The website would then use its own authentication method  forms  to handle user accounts and decide whether or not to show member specific pages  etc    With IIS6  we just disabled anonymous access and enabled integrated windows authentication   IIS7 behaves differently and when I enter the windows username password to view the site  the site comes up fine but redirects to the login page   Once I log in  the site behaves naturally  I need to be able to navigate the site without logging in with the website credentials   I don t think enabling anonymous access would make sense here since I want access to the website to be password protected  popup username password dialog when you first navigate to the url    Any help is appreciated

User · Accepted Answer

Two-stage authentication is not supported with IIS7 Integrated mode. Authentication is now modularized, so rather than IIS performing authentication followed by asp.net performing authentication, it all happens at the same time.

You can either:

Change the app domain to be in IIS6 classic mode...
Follow this example (old link) of how to fake two-stage authentication with IIS7 integrated mode.
Use Helicon Ape and mod_auth to provide basic authentication

User · Answer

So do you want them to get the IE password-challenge box  or should they be directed to your login page and enter their information there  If it s the second option  then you should at least enable Anonymous access to your login page  since the site won t know who they are yet   If you want the first option  then the login page they re getting forwarded to will need to read the currently logged-in user and act based on that  since they would have had to correctly authenticate to get this far

User · Answer

To enable the Windows Authentication on IIS7 on Windows 7 machine    Go to Control Panel Click Programs    Programs and Features Select  Turn Windows Features on or off  from  left side   Expand Internet Information Services    World Wide Web Services    Security  Select Windows Authentication and click OK   Reset the IIS and Check in IIS now for windows authentication    Enjoy

User · Answer

To enable the Windows Authentication on IIS7 on Windows 7 machine    Go to Control Panel Click Programs    Programs and Features Select  Turn Windows Features on or off  from  left side   Expand Internet Information Services    World Wide Web Services    Security  Select Windows Authentication and click OK   Reset the IIS and Check in IIS now for windows authentication    Enjoy

User · Answer

There s another thread elsewhere on Stack with a similar topic and the best solution I ve come across is to use the free version of Helicon Ape  Once you ve got that installed  follow the steps at the page Titled  HTTP Authentication and Authorization

User · Answer

There s another thread elsewhere on Stack with a similar topic and the best solution I ve come across is to use the free version of Helicon Ape  Once you ve got that installed  follow the steps at the page Titled  HTTP Authentication and Authorization

User · Answer

Configure IIS7 for windows authentication in Windows Server 2008  See this link   http   www iis net ConfigReference system webServer security authentication windowsAuthentication  Enjoy this post  -

User · Answer

Configure IIS7 for windows authentication in Windows Server 2008  See this link   http   www iis net ConfigReference system webServer security authentication windowsAuthentication  Enjoy this post  -

User · Answer

So do you want them to get the IE password-challenge box  or should they be directed to your login page and enter their information there  If it s the second option  then you should at least enable Anonymous access to your login page  since the site won t know who they are yet   If you want the first option  then the login page they re getting forwarded to will need to read the currently logged-in user and act based on that  since they would have had to correctly authenticate to get this far

User · Answer

So do you want them to get the IE password-challenge box  or should they be directed to your login page and enter their information there  If it s the second option  then you should at least enable Anonymous access to your login page  since the site won t know who they are yet   If you want the first option  then the login page they re getting forwarded to will need to read the currently logged-in user and act based on that  since they would have had to correctly authenticate to get this far

User · Answer

So do you want them to get the IE password-challenge box  or should they be directed to your login page and enter their information there  If it s the second option  then you should at least enable Anonymous access to your login page  since the site won t know who they are yet   If you want the first option  then the login page they re getting forwarded to will need to read the currently logged-in user and act based on that  since they would have had to correctly authenticate to get this far

[authentication] IIS7: Setup Integrated Windows Authentication like in IIS6

Examples related to authentication

Examples related to iis-7

Examples related to windows-authentication