0

I've recently created an MVC application that leverages Windows Authentication. I have a subdirectory named "EventReceivers" that a want to allow anonymous access on. I've updated my web.config with the proper location element and all works fine on Windows Server 2012 w/ IIS8. However, when I deploy the same project to Azure pack, the files in the EventReceivers directory prompt users for credentials. Below is my web.config snippet. Any suggestions?

 <system.web>
    <customErrors mode="Off"/>
    <compilation debug="true" targetFramework="4.5" />
    <httpRuntime targetFramework="4.5" />
    <authentication mode="Windows" />
    <authorization>     
      <allow verbs="OPTIONS" users="*" />
      <deny users="?" />
    </authorization>
  </system.web>
  <location path="EventReceivers">
    <system.web>
      <authorization>
        <allow users="?" />
      </authorization>
    </system.web>
  </location>
lestersconyers
  • 354
  • 2
  • 9

1 Answers1

1

You must also disable windows authentication within the location element like so:

<location path="EventReceivers">
    <system.web>
      <authorization>
        <allow users="?"/>
      </authorization>
    </system.web>
    <system.webServer>
      <security>
        <authentication>
          <windowsAuthentication enabled="false" />
          <anonymousAuthentication enabled="true" />
        </authentication>
      </security>
    </system.webServer>
  </location>
lestersconyers
  • 354
  • 2
  • 9