Subscribe

Close

Thank you for visiting!

Please consider subscribing to the RSS feed or following me on Twitter.

Make Forms Authentication work in IIS 7

When experiencing Forms Authentication problems in IIS 7, step through this list to make sure everythings in place for Forms Authentication to work:

  1. Make sure Forms Authentication is enabled for your website in IIS.
    In IIS 7, browse to your website, go to Authentication and make sure Forms Authentication is set to Enabled, like this:

    Forms Authentication set to enabled in IIS 7

  2. Make sure your Web.Config settings looks something like this:

    <authentication mode="Forms">
    	<forms name="aspxFormsAuth" defaultUrl="/Admin"
    		   loginUrl="/Admin/Signin.aspx" protection="All" timeout="90" />
    </authentication>

    Also, make sure you've not missed the location element:

    <location path="admin">
    	<system.web>
    		<authorization>
    			<deny users="?"/>
    		</authorization>
    	</system.web>
    </location>
  3. Make sure <modules> in <system.webServer> has the runAllManagedModulesForAllRequests attribute set to true:

    <system.webServer>
    	<modules runAllManagedModulesForAllRequests="true" />
    </system.webServer>

    If you got the 403.14 error, this might solve it.

  4. Finally, you could try the ordinary iisreset or aspnet_regiis -i command. Make sure you run aspnet_regiis -i on c:\Windows\Microsoft.NET\Framework\v4.0.30319 (or Framework64 if you're running a 64 bit OS).

Comments

Hi, thanx for the post.
I still don't understant why we need to enabled Anonymous access on IIS to make Forms authentication works ?

<location path="page ou folder">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>

To the top