Solution to Asp. Net authentication issues in WSS sites

We usually need to install and configure WSS because we usually need to use BAS and BAM in BizTalk projects (such as RosettaNet). By Default, WSS is upgraded to the Default Web Site (80, however, if Asp. net WebSite requires a Host in the default site 80, which may cause some authentication confusion and often lead to abnormal authentication, such

<Authentication mode = "Windows"/>
<Authorization>
<Allow users = "mailto: qi.ma@cn.abb.com"/>
<Allow users = "asiapacific \ cnmaqi1"/>
<Deny users = "*"/>
</Authorization>

--------------------

<Location path = "TIHandling. asmx">
<System. web>
<Authorization>
<Allow users = "? "/> <! -- <Allow users = "*"/> -->
</Authorization>
</System. web>
</Location>

Or the same problem occurs when you use the Asp. Net Login control.

<Authentication mode = "Forms">
<Forms name = ". ASPXAUTH"
LoginUrl = "Login. aspx"
Protection = "All"
Timeout = "30"
Path = "/"
RequireSSL = "false"
SlidingExpiration = "true"
DefaultUrl = "Default. aspx"
Cookieless = "UseDeviceProfile"
EnableCrossAppRedirects = "false"/>
</Authentication>

In the first place, I was puzzled. Later, I simply changed a Site, but it can be confirmed that it was caused by WSS. In the Default Web Site (80) there will be a sharepoint web under the site root directory. config, according to the official msdn statement, web. config has an inheritance relationship. It must be clear that asp.net authentication is performed in httpModules to view the web of sharepoint. config. The problem is found as follows:

<HttpModules>
<Clear/>
<Add name = "OutputCache" type = "System. Web. Caching. OutputCacheModule"/>
<Add name = "WindowsAuthentication" type = "System. Web. Security. WindowsAuthenticationModule"/>
<! -- <Add name = "Session" type = "System. Web. SessionState. SessionStateModule"/> -->
</HttpModules>

Compare the default web. config(C: \ WINDOWS \ Microsoft. NET \ Framework \ v2.0.50727 \ CONFIG \ web. config)

Make the following adjustments to web. config on your site. First clear all httpModules and add the standard httpModules again:

<System. web>

...............
<HttpModules>
<Clear/>
<Add name = "OutputCache" type = "System. Web. Caching. OutputCacheModule"/>
<Add name = "Session" type = "System. Web. SessionState. SessionStateModule"/>
<Add name = "WindowsAuthentication" type = "System. Web. Security. WindowsAuthenticationModule"/>
<Add name = "FormsAuthentication" type = "System. Web. Security. FormsAuthenticationModule"/>
<Add name = "PassportAuthentication" type = "System. Web. Security. PassportAuthenticationModule"/>
<Add name = "RoleManager" type = "System. Web. Security. RoleManagerModule"/>
<Add name = "UrlAuthorization" type = "System. Web. Security. UrlAuthorizationModule"/>
<Add name = "FileAuthorization" type = "System. Web. Security. FileAuthorizationModule"/>
<Add name = "AnonymousIdentification" type = "System. Web. Security. AnonymousIdentificationModule"/>
<Add name = "Profile" type = "System. Web. Profile. ProfileModule"/>
<Add name = "ErrorHandlerModule" type = "System. Web. Mobile. ErrorHandlerModule, System. Web. Mobile, Version = 2.0.0.0, Culture = neutral, PublicKeyToken = b03f5f7f11d50a3a"/>
</HttpModules>

.................

At this point, the Login control and other authentication work properly.

 

Tips: "*" indicates all users; "?" Indicates an anonymous user;