IIS 7 and Above
Why does IIS7 automatically register some of Asp.Net’s Http modules a...
Re: Why does IIS7 automatically register some of Asp.Net’s Http modul...
May 17, 2009 11:34 PM|lextm|LINK
A) From root web.config
<add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule"/>
Note that in this file, Forms authentication is configured as a HTTP module.
<location path="" overrideMode="Allow">
<add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" preCondition="managedHandler" />
As IIS 7 use system.webServer\modules to register modules, and only modules registered in this tag is loaded into integrated pipeline, my personal guess is that forms authentication registered in root web.config is simply ignored by integrated pipeline.
That's how the conflicts are avoided.
Only if you use classic pipeline I think settings in root web.config system.web\httpModules will be read (but note that it is read by the separate pipeline hosted by aspnet_isapi.dll, not the integrated pipeline itself).
B) Yes, "tolerate" is a good term and I couldn't find a better myself.
C) No, I don't think so. If you are running in classic pipeline, then aspnet_isapi.dll will be loaded and a separate ASP.NET pipeline will be created which is exactly the same as IIS 6. Then it is this extra pipeline who loads another instance of FormsAuthenticationModule
Please review IIS 6 documentation about the classic pipeline mode, and from a comparison you can gain more insight on both the pipeline modes.
Q3) Yes, that's a typo. And you already got me right.