chapter 20 basic authentication

egivler · June 29th, 2004, 12:34 PM

I worked through the example in Chapter 20 and am having some issues.

1. Is BASIC (virtual folder) supposed to point to: c:\begaspnet\ch20\basic? If I right click that folder (c:\begaspnet\ch20\basic), and pick New virtual directory, and select the folder, when I attempt to visit that page, I get an error:

http://nrbitappw08p4/BegASPNET/ch20/basic/
(url as seen on page 737)
It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.

If I attempt to goto: http://nrbitappw08p4/basic, I get:
HTTP 404 - File not found
Internet Information Services

2. So I recreate the Virtual Directory, BASIC, from the Default Web Site to point to the same location. It now appears at the same level as the BegASPNET virtual folder.

BegASPNET allows anonymous access, but this folder underneath it, with a web.config uses Basic Authentication. I attempt to access it and am not prompted to enter any credentials either accessing it remotely or locally. Why?

3. I changed the web.config file to add an <authorization> section. When I did this, it began prompting me. HOWEVER, after taking it out, and "bouncing" IIS, it is still prompting, which is wasn't doing at Step#2 just minutes before. What gives?

bmains · June 29th, 2004, 02:12 PM

Hey,

If your virtual allows anonymous access, it runs as the the user setup for the anonymous access IUSR_MachineName. To make the user login to your application, you must enter:

<deny users="?"/> - Deny anonymous users
<allow users="*"/> - Allow logged in users

That is for forms-based auth, which is that what you are doing?

Brian

egivler · June 29th, 2004, 02:57 PM

In this case, I was only using BASIC Authentication. So I couldn't figure out why I was never prompted for a login. The default.aspx page would show up and both the User.Identity.Name and User.Identity.AuthenticationType were blank. However, since then I have not been able to reproduce the error.

Getting back to the virtual folders, in the text, the book's example screenshot shows a URL of:
http://localhost/BegASPNET/Ch20/Basic/

If I attempt to navigate to that folder then I get the error above. If I create the Virtual Folder the way I would expect to create it (at the same level as BegASPNET and navigate to the site as http://localhost/Basic/, then things work fine.

I guess I'm wondering if I'm doing things correctly because every example shows a URL that includes http://localhost/BegASPNET/ch20/ in it, and these don't work at all for me.

bmains · June 29th, 2004, 09:16 PM

Hello,

Well, ASP.NET works with virtuals, and I'm guessing that many layers is throwing it off. You may be able to (at the first folder path 3 levels deep) if you go to the Basic folder, right click it, and under properties\Virtual Directory, make sure where it says Application Name, make sure the button to the right says remove. If it says create, click it to create the app.

Try that,

Brian