Different Authentication for Same Site in IIS 7 vs. IIS 6 RRS feed

  • Question

  • User1010739618 posted

    We have an internal web site that is set up using Windows Integrated security that most of our internal consumers use.  We also have a need to provide access to this same site for a few things using Basic authentication.  Everything is internal.

    In IIS 5/6, the 'Basic' site just had a different host header than the Windows Integrated site and its Local Path was set to point to the primary site.  Besides the different authentication setting, there was nothing to this Basic site.

    We are moving to IIS 7 and configuring these sites the same way (i.e. the Physical Path is the same for both sites) as IIS 6 doesn't seem to work as it seems that the Basic site is reading the web.config file of the primary site which has Windows Integrated security defined in it.

    What is the recommended practice for setting something up in IIS 7 to meet our needs?  Is it just adding a Basic authentication entry into the primary web.config?  Would this work?  Is there a better way to configure this?  I'm waiting for our infrastructure group to set up some DNS entries for some testing, so in the mean time I thought I would post to see if there are any obvious answers out there.

    Thanks in advance for any help.  As you can probably tell I don't really have any IIS configuration experience, I'm just a software engineer.  Your strange IIS ways frighten and confuse me.  When I see all the new options in the IIS 7 administration console, I think 'Oh boy, why did I volunteer to do this?'.  I don't know, I'm just a software engineer.  One thing I do know though is that I need to find out the best way to do this.

    Tuesday, February 10, 2009 4:49 PM


  • User511787461 posted

    You will need to write the configuration with location tags in applicationhost.config.  Something like below will achieve what you want

    %windir%\system32\inetsrv\appcmd.exe set config "Site1 Name" -section:windowsAuthentication -enabled:true -commitpath:apphost
    %windir%\system32\inetsrv\appcmd.exe set config "Site2 Name" -section:basicAuthentication -enabled:true -commitpath:apphost

    • Marked as answer by Anonymous Tuesday, September 28, 2021 12:00 AM
    Wednesday, February 11, 2009 12:52 AM