Disable web authentification in asp .net

Question

I use ASP .Net 4 and I have a project using the form web authentication

<authentication mode="Forms">
  <forms loginUrl="~/" timeout="7200" />
</authentication>

I have a web service in the same project and I want to disable this web authentication for one page (a web service)

I tryed that code :

<location path="WSBaseCentrale.asmx" allowOverride="false">
  <system.web>
    <authorization>
      <allow users="?"/>
    </authorization>
  </system.web>
</location>

But I've a 302 redirection to the form logon. Is it possible to disable it ?

Edit

I tryied that and it doesn't work better. When I access to the page (http://localhost/App/WSBaseCentrale.asmx) I am always redirected to the form page (http://localhost/App/) with an HTTP 302 redirection.

<location path="WSBaseCentrale.asmx">
  <system.web>
    <authorization>
      <allow users="*"/>
    </authorization>
  </system.web>
</location>

Edit 2

Some others facts :

the anonymous user in iis is activated.
When I use firebug (I desactive the cache and I remove the cookie), I can reproduce the problem every time. Moreover, I can see in the response header that the server send a Location directive to the browser.

Alex Aza · Answer 1 · 2011-06-07T07:43:19.907

2

This works on my web site

<location path="Services">
  <system.web>
    <authorization>
      <allow users="*"/>
    </authorization>
  </system.web>
</location>

edited Jun 07 '11 at 07:43

answered Jun 07 '11 at 07:37

Alex Aza

76,499
26
155
134

VMAtm · Answer 2 · 2011-06-07T08:57:46.383

2

<location path="WSBaseCentrale.asmx">
   <system.web>
     <authorization>
       <allow users="*"/>
     </authorization>
   </system.web>
</location>

Did you try this?

Also you should check the anonymous authentication settings for your IIS, may be you just can't view your site anonymously.

edited Jun 07 '11 at 08:57

answered Jun 07 '11 at 07:42

VMAtm

27,943
17
79
125

yes I tryied this. But same result when I access to the page, I'm redirected to the form page (by a 302 redirection) – P. Sohm Jun 07 '11 at 07:42
WHere is WSBaseCentrale.asmx placed? In the root directory? – VMAtm Jun 07 '11 at 07:44
@Philippe Sohm, try to remove the allowOverride="false", as @Muhammad Akhtar have advised. At the other side, 302 redirect can cache itself, if you are checking not locally. – VMAtm Jun 07 '11 at 08:27
the anonymous user in iis is activated. When I use firebug, if I desactive the cache, and if I remove the cookie, I can reproduce the problem every time. Moreover, I can see in the response header that the server send a Location directive to the browser – P. Sohm Jun 07 '11 at 09:32

score 2 · Accepted Answer · edited Feb 16 '16 at 16:02

2

Remove allowOverride="false"

Also remove <allow users="?"/> and add it in place of <allow users="*"/>

Finally, make sure your webservice is in the root Directory, otherwise you have to specify the path accordingly.

edited Feb 16 '16 at 16:02

Off The Gold

1,228
15
28

answered Jun 07 '11 at 07:43

Muhammad Akhtar

51,913
37
138
191

I finally create another project. Your answer gave more elements although I didn't manage to my needs. Thanks you all. – P. Sohm Jun 07 '11 at 13:29

Disable web authentification in asp .net

3 Answers3