Authentification in IIS

[Guest]

Hi,

I am programming my diploma project in ASP.NET using C#. It is about examing
students using internet.

I created web application and when I am testing it through localhost
everything is going fine... But when I would like to access this web
application from another computer, it requires username and password...

But when I access another web application it works without any problem
with asking for authentification...

Could you help me, where and how should I change security permissions...
in IIS or in properties of that folder?

I really need help here...

Thanks

Peter

 

[Brock Allen]

Open the IIS Manager tool on the other computer and under websites/default
website locate your virtual directory. Get the properties and choose the
"Directory Security" tab. Click the top edit button for authentication and
access control and then enable the "anonymous auth" checkbox.

 

[Guest]

I checked that and anonymous auth was enabled and still it was not working...
;(

 

[Guest]

You can check the web.config file of the current web application which you
are trying to access from another machine. In the webconfig file make sure
you have correct values for elements Deny and allow under <authorization>
blob. * for all users and ? for annonymous users.


You can use Internet Information service Management Console and select the
directoy security tab and Autnentication mode to the Annonymous.

This should probably fix your issues

 

[Brock Allen]

So then how is security configured in web.config and check the security properties
on the files on the filesystem. You'll need to grant read access to the identity
that your webserver's runnin as. If it's W2K, then that'll be ASPNET, if
it's W2K3 then that's Network Service.

 

[Patrick Olurotimi Ige]

Try what harish adviced guess that should work

 

[Guest]

Well,

I checked that, but there were some problems...

I think that allowing (denying) users should be in <authorization> section.
In <authentication> section I can use only modes = None, Windows, Forms,
PassPort. But if I will write:

<authorization>
<allow users="*" />
</authorization>

it will have another problems, because from my web application I am
connecting to MS SQL Server and it will show me this message:
Login failed for user Newton/ASPNET

Few months ago I solved this problem, when I wrote
<authorization>
<deny users="?"/>
</authorization>
<identity impersonate="true" />

So I have really BIG problem with this application to work correctly... ;-(((

 

[Nick Goloborodko]

You can check the web.config file of the current web application which you
are trying to access from another machine. In the webconfig file make sure
you have correct values for elements Deny and allow under <authorization>
blob. * for all users and ? for annonymous users.


You can use Internet Information service Management Console and select the
directoy security tab and Autnentication mode to the Annonymous.

This should probably fix your issues



:

Hi,

I have also encountered similar problem earlier. Here's what was going
wrong in my case:
My dev machine was part of AD, but i was logged in as local
administrator, hence had unrestricted access to my IIS. When i tried
accessing the IIS from another computer which had been logged on as an
AD user who was part of "User" group, i got prompted with username and
password.

There's a security policy setting which specifies which users are
allowed to access IIS. To fix it add Anonymous group to that setting (i
appologise, i cannot remember the exact name of it off the top of my
head, and since i'm on linux at the mo - no way of finding out either)

Hope this helps,

Nick Goloborodko
http://nickgoloborodko.com