web site configuration

Your web.config is set up properly. Further, ensure the IIS site/app is configured as:

  • to NOT allow anonymous access
  • forcing Integrated Windows authentication
  • leave the app pool as Network Service

IIS7

  • ensure you have the Windows Authentication security feature installed in Roles & Features.
  • In IIS7, go to the IIS or Features View, double-click Authentication.
  • On the Authentication page, select Windows Authentication
  • On the Authentication page, disable Anonymous Authentication
  • MSDN article

IIS6

Find the dialog below at

  • Control Panel / Administrative Tools -> IIS Manager -> Right click Web site -> Properties -> Directory Security

IIS 6 non anonymous with Windows Authentication

Tags:

Asp.Net

Authorization

Asp.Net 4.0

Recent Posts