« Previous Next »

• 11-07-2009, 11:07 AM

  Francisco Lozano Joined on 11-07-2009, 3:39 PM Posts 2

  Forms + htpasswd/basic authentication is possible? Reply Contact Hi, I already posted this in the wrong forum (IIS 5 and 6), so I'm sorry for the cross-post. I have an ASP.NET MVC Website which is currently under development, deployed on a W2008r2 IIS7.5 x64 server, integrated pipeline. My website uses "forms" authentication and it works perfectly. As the website is under development and not yet open to the public, I would like to add an additional layer of protection, so that non-authorized users can't even see the login form, and only people who know a given password can actually view the website (and then authenticate through forms auth). In apache I would do it obviously with htpasswd+htaccess. In IIS7.5 I've tried to install Troxo IISPassword, but it doesn't work with IIS7.5 Is there any way to add something like an htpasswd to my website without messing with the currently-configured forms-based auth stuff? I would like not having to touch system users nor forms-based auth... My only option right now is putting an apache proxy behind the IIS, but that's ugly... Any other option?

• 11-07-2009, 6:50 PM

  In reply to

  lextm Joined on 10-22-2008, 4:18 AM Shanghai, PRC Posts 1,433

  Re: Forms + htpasswd/basic authentication is possible? Reply Contact When you mentioned you would like to use third party things, keep these in mind, 1. Ask its vendor if the product supports (or works with) the IIS version you use. Don't use anything that only targets an older version of IIS, as there can be compatibility issues. This is especially important when you decide to use open source projects unless you are a master of them. 2. If any problem rises due to such third party things, you need to consult the vendor for assistance. Actually it is possible to use mix authentication methods on IIS utilizing the build-in authentication methods, such as Windows + Forms, http://mvolo.com/blogs/serverside/archive/2008/02/11/IIS-7.0-Two_2D00_Level-Authentication-with-Forms-Authentication-and-Windows-Authentication.aspx I think it is not hard to apply the trick to other mixture (like basic + forms).  Lex Li Support Engineer at Microsoft --------------------------- This posting is provided "AS IS" with no warranties, and confers no rights.