Programmatically enable or disable anonymous authentication in IIS

Question

I have a web application and I need to provide its users the option to switch login method from FormsAuth to WindowsAuth. I managed to change the web.config file via code:

Answer 1

You are trying to update wrong section. anonymousAuthentication is part of system.webServer and not system.web. Correct configuration is

<system.webServer>
<security>
  <authentication>
    <anonymousAuthentication enabled="true" />
  </authentication>
</security>
</system.webServer>

You can modify it using ServerManager class found in Microsoft.Web.Administration. Search for nugget package "Microsoft.Web.Administration". Once you have added reference to Microsoft.Web.Administration.dll using nugget you can modify it using code as follows:

        using (ServerManager serverManager = new ServerManager())
        {
            Microsoft.Web.Administration.Configuration config = serverManager.GetApplicationHostConfiguration();
            Microsoft.Web.Administration.ConfigurationSection anonymousAuthenticationSection = config.GetSection("system.webServer/security/authentication/anonymousAuthentication");
            anonymousAuthenticationSection["enabled"] = true;                
            serverManager.CommitChanges();
        } 

Answer 2

Okay, so, turned out I could not find a way to dynamically change the auth mode, but I found pretty neat solution to the problem: I have created another web application, nested it inside the first one, had set Forms Auth mode for the first one and Windows for the nested and whenever I needed to use IIS's power to work with domain, user groups etc, I used a redirect from one to another, passing data by cookies and as url parameters.