and ALSO had to copy this module from system.web / httpModules into system.webServer / modules

IIS 7 did not seem to pick it up under httpModules (although it did work from development server in Visual Studio).

I am running your code with few changes after converting it to .Net 4, I can run the application perfectly fine on local machine.

However when I deploy this web service on Dev Environment and call my service in internet explorer. That gives me user prompt; I enter valid username/password but it keeps prompting me username/password, eventually after three tries I get Error message 401.2 – access is denied.

In my HttpModule every time User is authenticated, I log if authentication was successful. And I can see in log file, all three times authentication was successful. But it still error out. :(

By the way If I run web services in Integrated mode, it works fine. Unfortunately my requirement is to run web services in Classic mode.

Environment Details: Windows Server 2008 R2, IIS7.5 Classic mode

I am stuck with this from last 4 days. Please help!

Thanks for your great article.

I have this up and working fine but there is one area which I am hoping you might be able to advise on please.

I need to call my newly restricted webservice through an application which requires basic authentication. I can see from the server logging behind the app, that it is trying to call the webservice as follows: https://username:password@server/webservicename/operation.asxm?wsdl

This does not seem to work though and when I contacted the vendors of the application they said that this is the only way that their system will authenticate.

Would you know is there something that I could change in the BasicAuth.cs or web.config which would get this to work? If I just put in my WSDL address, so https://server/webservicename/operation.asxm?wsdl – it prompts for a username and password and works fine. Its just trying to pass in the details in the format which my application requires that I run into problems. I basically get a 401 error through the application and when trying this in a web browser I get ‘Invalid Syntax Error’.

Any advice would be much appreciated.

Thanks,
Edel

I need a solution like this to support protecting all webs on an IIS7 Server 2008 64 bit box that functions as a QA server. The ISAPI method is required because I need it to work for classic ASP, .net 1.1 and .net 2.0+ web apps.

Has anyone got this to work on a 64 bit machine?
I know that Helicon APE only supports .net 2+ and IISPassword does not work with IIS 7. Others don’t work with 64 bit.

Thought I’d check before I dove in. Prefer a paid / stable solution if anyone knows of one that works in the above described environment!

Thanks,
Ben

- In web.config, change the name of the httpModule to “CustomBasicAuthenticationModule”. In IIS7, there’s already a built-in module named “BasicAuthenticationModule”.
- Follow the instructions here http://bdotnet.in/blogs/navaneeth/archive/2008/07/06/2056.aspx

Chinh