Eng | Rus
Education -> Solutions -> Forms authenticantion in IIS 7
Simple Seo Solutions
SEO and Promotion
Speech to text for AndroidAndroid speech to text

Forms authenticantion in IIS 7 Intergrated Pipeline Mode

Integrated Pipeline is the new feature of IIS 7 that allow to make restricted to anonymous users entire directory with different file types (html, php, aspx, etc).

Here are the steps to make simplest forms authentication for IIS 7 Intergrated Pepeline Mode:

1. Switch pipeline mode to Integrated. The hosting provider usually give some simple interface to do this.
2. Make web.config file in the root web site directory:

<?xml version="1.0" encoding="utf-8"?>



<authentication mode="Forms">
<forms name="someCookieName" loginUrl="/login.aspx">
<credentials passwordFormat="Clear">
<user name="alex" password="alex" />

<remove name="FormsAuthenticationModule" />
<add name="FormsAuthenticationModule" type="System.Web.Security.FormsAuthenticationModule" />
<remove name="UrlAuthorization" />
<add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule" />
<remove name="DefaultAuthentication" />
<add name="DefaultAuthentication" type="System.Web.Security.DefaultAuthenticationModule" />

<basicAuthentication enabled="false" />
<windowsAuthentication enabled="false" />
<anonymousAuthentication enabled="true" />

3. Make login.aspx page in the root web site directory and put login control to it.
4. Make Login1_Authenticate event for this control (I simply click in the designer to log in button) and type here this code:

protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
if (FormsAuthentication.Authenticate(Login1.UserName, Login1.Password))
FormsAuthentication.RedirectFromLoginPage(Login1.UserName, true);
Login1.FailureText = "can not auth";

p.s. Do not forget to write "using System.Web.Security;" in the "using" section.

5. Make some folder (let's named it auth_folder) in the root of the web site and put here another web.config file:

<?xml version="1.0" encoding="utf-8"?>

<remove users="*" roles="" verbs="" />
<add accessType="Deny" users="?" />
<add accessType="Allow" users="*" />

6. Create index.htm file in the auth_folder with some greeting. Create default.aspx file in the root directory also with some text.

That's all. To test application:
Navigate browser to auth_folder. You will be redirected to the login page.
Type alex as the user name and alex as the password.
Press Log in - you will be redirected to auth_folder and will see index.htm file.

Posted 9 february 2010