web site configuration

Question

One web site is required to be accessed by me (developer) and one user (DOMAIN_NAME\\USER_NAME).

When I developed web site in visual studio using "automatic host&quo

Answer 1

Maybe it can be useful: I started to receive 401.2. error in .ASPX application (no changes in the app made), in protected path amd Forms auth.:

<authentication mode="Forms">
...
</authentication>
...
<location path="Admin">
    <system.web>
        <authorization>
            <allow roles="Admin,Client" />
            <deny users="*" />
        </authorization>
    </system.web>
</location>

AFTER launching of other MVC applications on same computer/IIS. It seems MVC changed something in server's config (routes, I believe). Any playing with Authentication in IIS (computer/server/site) did not help. But Next helped: I have changed Application pool from .Net 4.5 to .Net 4.5 Classic for the web application. The difference in pool Managed pipeline mode, Integrated/Classic.

Answer 2

Your web.config is set up properly. Further, ensure the IIS site/app is configured as:

• to NOT allow anonymous access
• forcing Integrated Windows authentication
• leave the app pool as Network Service

IIS7

• ensure you have the Windows Authentication security feature installed in Roles & Features.
• In IIS7, go to the IIS or Features View, double-click Authentication.
• On the Authentication page, select Windows Authentication
• On the Authentication page, disable Anonymous Authentication
• MSDN article

IIS6

Find the dialog below at

• Control Panel / Administrative Tools -> IIS Manager -> Right click Web site -> Properties -> Directory Security