MVC Web Api won't allow Windows Authentication

Question

I have a simple MVC web api 2 IIS hosted application which I want to enable windows authentication (initially not using Owin). I am running this on my development machine an

Answer 1

If you read applicationHost.config, you will see that authentication related sections are locked down and cannot be overridden in web.config,

<section name="windowsAuthentication" overrideModeDefault="Deny" />

Thus, you need to specify that in applicationHost.config, instead of web.config. Both IIS and IIS Express have such restriction.