MVC4 has gone through some major changes in Windows Authentication functionality with IIS Express. In this article you will learn how to enable Windows Authentication in MVC4 Web Application on IIS Express.
MVC4 has gone through some major changes in Windows Authentication functionality with IIS Express. In this article you will learn how to enable Windows Authentication in MVC4 Web Application on IIS Express. Just use the following procedure.On the Cassini web server it was quite difficult to test Windows Authentication. It also doesn't support SSL, URL Rewriting Rules and so on. With IIS Express as your development server you allows have full advantage of all web-server features (SSL, URL Rewrite Rules and so on). IIS is a full-fledged web-server, which means you'll get an experience closer to what it will work like when you deploy the application on a production server.Use the following procedure to enable this in MVC4.Step 1Create an MVC Web Application, preferably using an Internet Application template or Intranet Application template.Step 2Open the Web.config file and make the following modifications:
<authentication mode="Windows" />I just commented out the Form Authentication and added Windows Authentication.Step 3By default MVC apps use Form Authentication and Simple Membership, so you need to make it "false" to run Windows Authentication.
Step 4Select the project name in Solution Explorer and then in the Property Explorer, click to enable Windows Authentication.These settings are called development server settings that work with IIS Express and they don't make any changes in the actual configuration settings.Step 5In the property explorer you can disable the Anonymous Authentication if you want your complete website for authenticated users on the development server.Step 6If you have already disabled the anonymous authentication as suggested in Step 5 above then you don't need to do/repeat this step.If you don't then let's go and make a controller action for authorized users, as given below.Alternatively, you can use an [Authorize] action filter with the controller directly instead of individual action methods to make every action method for authorized users.Step 7Notice that in the step above I'm using an [Authorize] action filter with an "About" action. So, when I hit the about view page, I'll be prompted to enter my Windows credentials.When I entered my credentials and hit Login, I will see my Windows authentication working.Step 8For further reading, please watch this nice video by Shivprasad Koirala sir (Questpond) https://www.youtube.com/watch?v=x4hzVLZjfLM. Hope this helps.
Diving Into ASP.NET WebAPI