1

I'm currently using System.DirectoryServices.DirectoryEntry and the 'AuthFlags' property therein to set Anonymous access to a virtual web. To enable anonymous access I give it a value of 1. What value do I need to set to enable forms auth?

I have this idea in the back of my head that maybe this is only set via the web.config?

Improve this question

3 Answers 3

Reset to default
3

I notice you're using System.DirectoryServices to configure these features on IIS7 (according to your tags).

In IIS7 you can configure both of these settings using the Microsoft.Web.Administration library instead:

Setting the authentication type (replaces AuthFlags):

IIS 7 Configuration: Security Authentication <authentication>

To configure Forms Authentication: 

using Microsoft.Web.Administration;
   ...
long iisNumber = 1234;
using(ServerManager serverManager = new ServerManager())
{
  Site site = serverManager.Sites.Where(s => s.Id == iisNumber).Single();

  Configuration config = serverManager.GetWebConfiguration(site.Name);
  ConfigurationSection authenticationSection = 
               config.GetSection("system.web/authentication");
  authenticationSection.SetAttributeValue("mode", "Forms");

  ConfigurationSection authorizationSection = 
               config.GetSection("system.web/authorization");
  ConfigurationElementCollection addOrDenyCollection = 
               authorizationSection.GetCollection();
  ConfigurationElement allowElement = addOrDenyCollection.CreateElement("allow");
  allowElement["users"] = "?";

  addOrDenyCollection.Add(allowElement);
  serverManager.CommitChanges();
}

The code above will create a new web.config file in the root of the website or modify an existing one.

To use Microsoft.Web.Administration, add a reference to C:\Windows\System32\InetSrv\Microsoft.Web.Administration.dll.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

So kinda like I was saying in my last sentence, you're saying the best way is to just modify the web.config? Thanks for this btw.
@zip - yes that would be the way to do this.
2

I would recommend a slightly different approach if maintaining IIS 7 or 7.5. The concepts are similar but de-emphasizing the ASP.Net oriented <system.web> in the local application web.config in trade for emphasizing the IIS oriented <system.webServer> in the server applicationHost.config.

Start at the bottom of this link and scroll up... http://www.iis.net/ConfigReference/system.webServer/security/authentication/windowsAuthentication 

Imports System
Imports System.Text
Imports Microsoft.Web.Administration

Module Sample
   Sub Main()
      Dim serverManager As ServerManager = New ServerManager
      Dim config As Configuration = serverManager.GetApplicationHostConfiguration

      Dim anonymousAuthenticationSection As ConfigurationSection = config.GetSection("system.webServer/security/authentication/anonymousAuthentication", "Default Web Site/App1")
      anonymousAuthenticationSection("enabled") = False

      Dim windowsAuthenticationSection As ConfigurationSection = config.GetSection("system.webServer/security/authentication/windowsAuthentication", "Default Web Site/App1")
      windowsAuthenticationSection("enabled") = True

      serverManager.CommitChanges()
   End Sub
End Module

The core approach is to make changes in IIS Manager and observe how the application host config changes for that application. Then you replicate those changes by driving the new Microsoft.Web.Administration assembly appropriately.

Location: %systemroot%\system32\inetsrv\config\applicationHost.config

Things to look for:

<location path="Default Web Site/App1">
    <system.webServer>
        <security>
            <authentication>
                <anonymousAuthentication enabled="true" />
                <windowsAuthentication enabled="true" />
            </authentication>
        </security>
    </system.webServer>
</location>
Improve this answer

1 Comment

What I don't understand is where is the /App1 coming from?
1

Source

using System;
using System.Text;
using Microsoft.Web.Administration;

internal static class Sample {

   private static void Main() {

      using(ServerManager serverManager = new ServerManager()) { 
         Configuration config = serverManager.GetApplicationHostConfiguration();

         ConfigurationSection anonymousAuthenticationSection = config.GetSection("system.webServer/security/authentication/anonymousAuthentication", "Contoso");
         anonymousAuthenticationSection["enabled"] = false;

         ConfigurationSection windowsAuthenticationSection = config.GetSection("system.webServer/security/authentication/windowsAuthentication", "Contoso");
         windowsAuthenticationSection["enabled"] = true;

         serverManager.CommitChanges();
      }
   }
}
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.