问题
When I switch my ASP.NET MVC project from Cassini web server to IIS Express, this is added to my applicationhost.config file:
<location path="MyProject">
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="false" />
</authentication>
</security>
</system.webServer>
</location>
It's causing the site not to load with 401.2 - Unauthorized and I can't fix it on the Web.config level - it will then complain that the section is locked at parent level (HTTP 500.19).
I can fix it by amending the applicationhost.config file but I don't understand why I should need to when no such section is added for a vanilla ASP.NET MVC project. What can be wrong?
I'm using VS 11 beta but also confirmed this weird behavior in 2010 SP1. IIS Express says it's version 7.5.
回答1:
It was because for some reason, this was in my csproj file:
<IISExpressAnonymousAuthentication>disabled</IISExpressAnonymousAuthentication>
Setting it to enabled fixes the issue (it can also be done from Visual Studio, select project, F4, set Anonymous Authentication in the properties grid to Enabled).
回答2:
please right click on the project and select use iis express before pressing F4.
回答3:
Sometimes ago, I faced the same difficulty, but it was little different from what I see over here. In my laptop I have both VS 08 and VS 13, and SQL Server 2008 R2 and 11G XE. For websites connecting to R2 has never been a problem, but when I was trying to build a website using oracle membership with asp.net, I found that pages open but pages under folder with roles are not opening and giving me the access denied error. Though the folder had a proper web.config inside and the user created with the same role, still it was throwing up the same error. Finally I realized I need the authentication mechanism going and so I added the following code in the system.web of web.config:
<authentication mode="Forms">
<forms loginUrl="Login.aspx" protection="All" slidingExpiration="true"
timeout="90" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
<identity impersonate="false"/>
<trace
enabled="false"
requestLimit="10"
pageOutput="false"
traceMode="SortByTime"
localOnly="true"
/>
And it did work, now my authenticated users can loginto designated folders! I hope this might help someone who faced issues similar to me.
来源:https://stackoverflow.com/questions/9743550/iis-express-is-automatically-disabling-anonymous-authentication-for-my-project