I'm trying to setup a .net framework site to use windows authentication, but am having trouble getting the login prompt to go away. The culprit seems to be that disabling anonymous authentication in IIS adds the below item to my web.config, which enables the anonymous authentication setting in VS and locks it.

<system.webServer>
    <security>
        <authentication>
            <anonymousAuthentication enabled="false" />
        </authentication>
    </security>
</system.webServer> 

I've manually added and removed that line from the config, and every time I add the line, it has the same behavior; anonymous authentication in VS becomes enabled and locked.

This behavior has not occurred for me on any other site using windows authentication. I created the project this morning, so there are not .net version change issues.

If it matters, my project is setup on .NET Framework 4.7.1 and I've pointed IIS at the project folder rather than a publish directory.

I have already done each of the below separately

• verified that NTLM is the first provider in IIS
• added <allow users="*" /> and <deny users="?" /> to my web config
• added <windowsAuthentication enabled="true" /> to my web config

CodePudding user response：

TLDR: answered here: ASP.NET Calling WebMethod with jQuery AJAX "401 (Unauthorized)"

I'm still unclear why Anonymous Authentication is set to Enabled and I'm unable to change it in VS, but I've addressed the prompting. As it turns out, the prompts were occuring only when the js attempted to call the webmethods I'd setup.

The link goes into more detail, but the below change needed to be made to RouteConfig.RegisterRoutes...

        //settings.AutoRedirectMode = RedirectMode.Permanent;
        settings.AutoRedirectMode = RedirectMode.Off;