tags:

views:

145

answers:

1
Q: 

Disable form authentication for public pages

Hi, In my development environment everything works as I expect. I can access all the pages and as soon as I get to a secured page I check the Request.IsAuthenticated and redirect to the login page if needed. The problems starts when I deploy the project under IIS7. When I access the site I'm being redirected to the login page (as defined in the web.config) although it suppose to be a public page... If I disable the Form Authentication in the admin console Request.IsAuthenticated always return true. So

How can I make IIS behaves like my ASP.NET development server?

p.s. I'm working with asp.net MVC

Thanks, Eden.

A: 

Probably you have authorization section in your web.config and it denies all requests for unauthenticated users. Check this article for some details about authorization section. And it will be better to allow access for unauthenticated users evidently by adding 

    <authorization>
        <allow users="*" /> 
    </authorization>

Edit 26/02:
Probably there are some specific IIS authorization rules (IIS 7 introduces a new authorization mechanism). I recommend you to check all rules that are defined for application using IIS management tool (this article explains how to check them). And probably it'll be interesting and useful for you to check changes between IIS 6 and IIS 7 and IIS 7 url authorization feature in details.

Also I checked it on my box (windows 7). I created a simple asp.net mvc application and deployed it to IIS (version 7.5). And all was working as expected. Probably there are some restrictions on your server that are placed in the root config (a config in a root folder) or in machine.config.

zihotki  2010-02-24 11:58:01
No I don't. but the article looks promising although it doesn't explain the differences between the production and the development environments.
Eden  2010-02-24 15:27:13

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps