1

I have an asp.net site, and I need to use both Windows Auth and Anonymous Auth together.

I need Windows auth as I need to get the username of the logged on user, but also the site runs a web-service which must be accessed anonymously.

If I turn on Windows Auth I can get the user and this works fine, but the site calling the web-service returns a 401 error. If I add in Anonymous access too the site using the web-service works fine, but I can no longer get the username of the logged in user.

How can I get the best of both - i.e. get the user name, but not kill my web service.

Improve this question

1 Answer 1

Reset to default
1

You can add the following to disable access to specific locations within your directory tree

<location path="path.to.web.service">
    <system.web>
        <authorization>
            <allow users="*"/>
        </authorization>
    </system.web>
</location>

while keeping the main site under control of the Windows authentication.

See : http://msdn.microsoft.com/en-us/library/b6x6shw7.aspx

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Cool - at risk of sounding like a complete noob, what format should the path.to.web.service be in?
directory/service.asmx or just service.asmx for you probably

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.