Use Anonymous authentication in MVC4 on single controller when the whole application uses Windows Authenticaion

[From]: http://stackoverflow.com/questions/15087755/use-anonymous-authentication-in-mvc4-on-single-controller-when-the-whole-applica

Add this to your Web.config. Here, my controller is named “WebhookController”.

<location path="Webhook">
  <system.web>
    <authorization>
      <allow users="*"/>
    <authorization>
  <system.web>
<location>

See this KB article for more info.

Edit – As Erik mentioned below, in MVC applications you should not use web.config <authorization> tags for security. Instead, use [Authorize] attributes. Doing so will allow your [AllowAnonymous] attributes to work correctly. You can read more about this here.

shareedit

Additionally, configure IIS settings as follows:

Anonymous – Enabled
ASP.NET Impersonation – Disabled
Basic Authentication – Disabled
Digest Authentication – Disabled
Forms Authentication – Disabled
Windows Authentication – Enabled – HTTP 401 Challange

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s