IIS7.5 and MVC 2 : Implementing HTTP(S) security
Posted
by Program.X
on Stack Overflow
See other posts from Stack Overflow
or by Program.X
Published on 2010-04-20T08:38:20Z
Indexed on
2010/04/20
8:43 UTC
Read the original article
Hit count: 195
This is my first ASP.NET MVC application, and my first on an IIS 7.x installation whereby I have to do anything over and above the standard.
I need to enforce Windows authentication on the /Index and /feeds/xxx.svc pages/services. In ASP.NET Web Forms, I would apply the Windows permissions on the files and remove Anonymous authentication in IIS 6. This needs to work over HTTP/S, but don't worry about that, that's in hand.
What happens in MVC/IIS 7?
I have tried modifying the permissions on the /Index.aspx view, which seems to block access. It asks me for a username/password, but does not grant access when I enter a valid username/password. Pressing Escape gives me an exception "*Access to the path 'E:\dev\xxx\xxx.ConsultantRegistration.Web.Admin\Views\ConsultantRegistration\index.aspx' is denied. *", which does get sent as a 401.
So although the username/password does exist on the Index.aspx view, I can't use those credentials to access said view.
I have in my web.config:
What am I missing?
© Stack Overflow or respective owner