5

I have a number of sites in IIS that I'd like to allow direct access to people in a certain subnet, then require basic authentication for everyone else.

Here's the exact same functionality I want in Apache:

    <Directory "/var/www/mydir">
            AuthName "Access Test Site"
            AuthType Basic
            AuthUserFile "/var/www/passwordfile"
            require valid-user

            Satisfy any
            Order Deny,Allow
            Deny from all
            Allow from 10.0.1
    </Directory>

I'd love to be able to do this on IIS6 and IIS7.5 but I'll take one or the other if I have to.

Mark Biek
  • 1,927
  • 2
  • 14
  • 12

1 Answers1

2

For IIS 7.5 I would consider URL Rewrite. For IIS6, consider ISAPI Rewrite.

Here are the forums for URL Rewrite http://forums.iis.net/1152.aspx

Check out this page for ISAPI Rewrite (http://www.isapirewrite.com/docs/), and search in the page for "Dynamic authentication". They give a walkthrough on how to handle the authentication part.

Scott Forsyth
  • 16,449
  • 3
  • 37
  • 56
  • That's interesting information but I'm not sure it does what I'm looking for. I'd really like to handle this for an entire site at the IIS level rather than having to add authentication code to everything. – Mark Biek Dec 14 '10 at 16:45
  • 3
    IIS doesn't have anything 'out of the box' for dynamic authentication. It would take a http handler or isapi extension to make it work like the Apache solution. You could create 2 sites. One site would have Auth and the other one wouldn't. The one without would have IP restrictions enabled either from IIS ip restrictions or URL Rewrite. The one with could have a URL Rewrite rule automatically redirecting to the other site so that your users only need to remember 1 URL. Another option is a 3rd party tool like AuthentiX (http://www.flicks.com/flicks/authx.htm) – Scott Forsyth Dec 14 '10 at 18:09