Comments on: Web Services Security – HTTP Basic Authentication without Active Directory

By: Chinh

Chinh — Mon, 24 Aug 2009 21:09:00 +0000

For anyone trying to get this to work with IIS7, you need to do this:

- In web.config, change the name of the httpModule to “CustomBasicAuthenticationModule”. In IIS7, there’s already a built-in module named “BasicAuthenticationModule”.
- Follow the instructions here http://bdotnet.in/blogs/navaneeth/archive/2008/07/06/2056.aspx

Chinh

By: Gulin

Gulin — Tue, 11 Aug 2009 08:44:47 +0000

I did all the steps , added
using System.Web in the BasicAuthenticationModule.cs Class however visual studio gives errors like IHttpModule, HttpApplication could not be found.. Could you tell me where did i make the mistake?

By: gregr

gregr — Fri, 24 Jul 2009 11:56:48 +0000

Mike, the source is available, which you can compile. I don’t have a DLL available for download.

By: mike

mike — Fri, 24 Jul 2009 07:17:36 +0000

Where is the link to download the dll

By: Anders

Anders — Thu, 23 Apr 2009 13:12:23 +0000

This works great on my dev machine with IIS5 but when running on the hosting server (IIS7) it does not work, access is denied all the time.

Any ideas?

By: gregr

gregr — Wed, 04 Mar 2009 22:01:21 +0000

Kim – you pretty much can’t…using Basic auth, the browser will re-present the credentials on each request as necessary, and assuming those credentials are still valid, it will be transparent to the user.

By: Kim

Kim — Wed, 04 Mar 2009 14:39:09 +0000

Using this code and it works great, thanks. Just one question – how would I implement a logout function? I’ve tried FormsAuthentication.SignOut(), Session.Abandon() and Context.User = null, but neither seems to work. I’m stilled logged on as the original user.

By: Basic authentication utilizzando uno store diverso da windows - Alessandro Damiani Blog

Wed, 18 Feb 2009 16:48:31 +0000

[...] Web Services Security – HTTP Basic Authentication without Active Directory [...]

By: Scott

Scott — Thu, 13 Nov 2008 19:43:09 +0000

I simply cannot get this to work in an ASP.net 2 webservice. It blows up completely inexplicably with w3wp.exe exceptions in the Application Log on Windows 2003 server. HTML pages work just fine, but any time I touch an ASPX or ASMX, the entire app pool crashes.

By: gregr

gregr — Thu, 02 Oct 2008 15:24:59 +0000

@Learner – make sure you follow _every_ step above, including the part after step 4 about IIS config. Then, try to hit your web service endpoint with a browser – you should find that it prompts you for credentials.