9

I'm using the ServerManager class (from Microsoft.Web.Administration) to create applications on a server running IIS 7. I want to configure whether the application uses anonymous authentication or Windows-authentication on an application-basis so I can't simply ask IT to change the settings on the root site. The contents of the application belongs to a third party so I'm not allowed to change the web.config file inside the application.

The Application class doesn't expose any useful properties, but maybe I could get something done using the ServerManager's GetApplicationHostConfiguration method?

Improve this question

1 Answer 1

Reset to default
14

It sounds like your hoping to alter the Internet Information System configuration for the site; if that is correct something like this should work:

using (ServerManager serverManager = new ServerManager())
{
    Configuration config = serverManager.GetWebConfiguration("Contoso");
    ConfigurationSection authorizationSection = config.GetSection("system.webServer/security/authorization");
    ConfigurationElementCollection authorizationCollection = authorizationSection.GetCollection();

    ConfigurationElement addElement = authorizationCollection.CreateElement("add");
    addElement["accessType"] = @"Allow";
    addElement["roles"] = @"administrators";
    authorizationCollection.Add(addElement);

    serverManager.CommitChanges();
 }

The above code will allow you to create an authorization rule that allows a particular user in a group to access a particular site. In this case the site is Contoso.

Then this will disable Anonymous authentication for the site; then enable Basic & Windows Authentication for the site:

using(ServerManager serverManager = new ServerManager()) 
{ 
    Configuration config = serverManager.GetApplicationHostConfiguration();

    ConfigurationSection anonymousAuthenticationSection = config.GetSection("system.webServer/security/authentication/anonymousAuthentication", "Contoso");
    anonymousAuthenticationSection["enabled"] = false;

    ConfigurationSection basicAuthenticationSection = config.GetSection("system.webServer/security/authentication/basicAuthentication", "Contoso");
    basicAuthenticationSection["enabled"] = true;

    ConfigurationSection windowsAuthenticationSection = config.GetSection("system.webServer/security/authentication/windowsAuthentication", "Contoso");
    windowsAuthenticationSection["enabled"] = true;

    serverManager.CommitChanges();
}

Or you can simply add an IIS Manager User Account if you'd like; which you can set to certain permissions to manipulate and manage those other applications.

using (ServerManager serverManager = new ServerManager())
{
    Configuration config = serverManager.GetAdministrationConfiguration();

    ConfigurationSection authenticationSection = config.GetSection("system.webServer/management/authentication");
    ConfigurationElementCollection credentialsCollection = authenticationSection.GetCollection("credentials");
    ConfigurationElement addElement = credentialsCollection.CreateElement("add");
    addElement["name"] = @"ContosoUser";
    addElement["password"] = @"P@ssw0rd";
    addElement["enabled"] = true;
    credentialsCollection.Add(addElement);

    serverManager.CommitChanges();
}

There is a lot of flexibility within Internet Information System; its quite powerful. The documentation through there reference is also quite in depth. The examples are quite inept to be adapted to your particular usage or at least provide a level of understanding to make it do what you want.

Hopefully that help, those examples came from here:

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.