«

In my ASP .NET 2.0 Web Applicaiton Project, I've changed the server setting
to use IIS. I then created the virtual directory (from the button in VS)
and then went and enabled Integrated Windows Authentication. The site
consists of just a single default.aspx file with nothing in it. When I
attempt to run the project, I get an http 403 access fobidden error.

What am I missing?

Thanks.

re:
!> enabled Integrated Windows Authentication
!> When I attempt to run the project, I get an http 403 access fobidden error

When you run ASP.NET with Windows Authentication enabled,
every single account which accesses the application must have
permission to access the app expressly granted.

Have you considered using Anonymous Authentication or Forms Authentication ?
Or, are you set on creating a Windows user account for every single user of your App ?





Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
======================================
"Scott M." <> wrote in message news:...
> In my ASP .NET 2.0 Web Applicaiton Project, I've changed the server setting to use IIS. I then created the virtual
> directory (from the button in VS) and then went and enabled Integrated Windows Authentication. The site consists of
> just a single default.aspx file with nothing in it. When I attempt to run the project, I get an http 403 access
> fobidden error.
>
> What am I missing?
>
> Thanks.
>

"Juan T. Llibre" <> wrote in message
news:...
> re:
> !> enabled Integrated Windows Authentication
> !> When I attempt to run the project, I get an http 403 access fobidden
> error
>
> When you run ASP.NET with Windows Authentication enabled,
> every single account which accesses the application must have
> permission to access the app expressly granted.
>
> Have you considered using Anonymous Authentication or Forms Authentication
> ?

Anonymous Access is on by default. I only turned on Integrated Windows
Authentication (in addition to the automatically enabled Anonymous Access)
because Visual Studio complained that Integrated Windows Authentication must
be on in order to debug the application.

> Or, are you set on creating a Windows user account for every single user
> of your App ?

See above.

>
>
>
>
>
> Juan T. Llibre, asp.net MVP
> asp.net faq : http://asp.net.do/faq/
> foros de asp.net, en español : http://asp.net.do/foros/
> ======================================
> "Scott M." <> wrote in message
> news:...
>> In my ASP .NET 2.0 Web Applicaiton Project, I've changed the server
>> setting to use IIS. I then created the virtual directory (from the
>> button in VS) and then went and enabled Integrated Windows
>> Authentication. The site consists of just a single default.aspx file
>> with nothing in it. When I attempt to run the project, I get an http 403
>> access fobidden error.
>>
>> What am I missing?
>>
>> Thanks.
>>
>
>

re:
!> Anonymous Access is on by default. I only turned on Integrated Windows
!> Authentication (in addition to the automatically enabled Anonymous Access)

Integrated Windows Authentication overrides the Anonymous authentication default.

When you "only turned on Integrated Windows Authentication", in effect,
you are requiring *all* clients which access your application to have an
account on the server which is hosting it.

re:
!> Integrated Windows Authentication must be on in order to debug the application

Which OS are you using ? Which version of IIS are you using ?
There's different solutions for different OS/IIS versions.

There's a slew of reports/solutions for the problem you report at :
http://www.google.com/search?hl=en&q...hentication%22




Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
======================================
"Scott M." <> wrote in message news:utGU6%...
>
> "Juan T. Llibre" <> wrote in message news:...
>> re:
>> !> enabled Integrated Windows Authentication
>> !> When I attempt to run the project, I get an http 403 access fobidden error
>>
>> When you run ASP.NET with Windows Authentication enabled,
>> every single account which accesses the application must have
>> permission to access the app expressly granted.

>>
>> Have you considered using Anonymous Authentication or Forms Authentication ?

> Anonymous Access is on by default. I only turned on Integrated Windows Authentication (in addition to the
> automatically enabled Anonymous Access) because Visual Studio complained that Integrated Windows Authentication must
> be on in order to debug the application.

>> Or, are you set on creating a Windows user account for every single user of your App ?
>
> See above.


>>
>> Juan T. Llibre, asp.net MVP
>> asp.net faq : http://asp.net.do/faq/
>> foros de asp.net, en español : http://asp.net.do/foros/
>> ======================================
>> "Scott M." <> wrote in message news:...
>>> In my ASP .NET 2.0 Web Applicaiton Project, I've changed the server setting to use IIS. I then created the virtual
>>> directory (from the button in VS) and then went and enabled Integrated Windows Authentication. The site consists of
>>> just a single default.aspx file with nothing in it. When I attempt to run the project, I get an http 403 access
>>> fobidden error.
>>>
>>> What am I missing?
>>>
>>> Thanks.
>>>
>>
>>
>
>

"Juan T. Llibre" <> wrote in message
news:%...
> re:
> !> Anonymous Access is on by default. I only turned on Integrated Windows
> !> Authentication (in addition to the automatically enabled Anonymous
> Access)
>
> Integrated Windows Authentication overrides the Anonymous authentication
> default.

I'm not so sure about that since both Anonymous and Integrated Windows are
checked simultaneously. If selecting one disabled the other, I would expect
that you would not be able to select them both together. I believe that
selecting both allows IIS to have the benefits of both. VS needs integrated
Windows authentication to make debugging work.

> When you "only turned on Integrated Windows Authentication", in effect,
> you are requiring *all* clients which access your application to have an
> account on the server which is hosting it.
>
> re:
> !> Integrated Windows Authentication must be on in order to debug the
> application
>
> Which OS are you using ? Which version of IIS are you using ?

XP Pro. SP2 / IIS 6.0

> There's different solutions for different OS/IIS versions.
>
> There's a slew of reports/solutions for the problem you report at :
> http://www.google.com/search?hl=en&q...hentication%22

Yes, I've already seen those but that's not really the point of my post.

Even with what you are saying, I should be able to see the page I'm trying
to access since I do, in fact, have a Windows account on the development
server that I'm testing against and even still, I get a 403 error.



>
>
>
>
> Juan T. Llibre, asp.net MVP
> asp.net faq : http://asp.net.do/faq/
> foros de asp.net, en español : http://asp.net.do/foros/
> ======================================
> "Scott M." <> wrote in message
> news:utGU6%...
>>
>> "Juan T. Llibre" <> wrote in message
>> news:...
>>> re:
>>> !> enabled Integrated Windows Authentication
>>> !> When I attempt to run the project, I get an http 403 access fobidden
>>> error
>>>
>>> When you run ASP.NET with Windows Authentication enabled,
>>> every single account which accesses the application must have
>>> permission to access the app expressly granted.
>
>>>
>>> Have you considered using Anonymous Authentication or Forms
>>> Authentication ?
>
>> Anonymous Access is on by default. I only turned on Integrated Windows
>> Authentication (in addition to the automatically enabled Anonymous
>> Access) because Visual Studio complained that Integrated Windows
>> Authentication must be on in order to debug the application.
>
>>> Or, are you set on creating a Windows user account for every single user
>>> of your App ?
>>
>> See above.
>
>
>>>
>>> Juan T. Llibre, asp.net MVP
>>> asp.net faq : http://asp.net.do/faq/
>>> foros de asp.net, en español : http://asp.net.do/foros/
>>> ======================================
>>> "Scott M." <> wrote in message
>>> news:...
>>>> In my ASP .NET 2.0 Web Applicaiton Project, I've changed the server
>>>> setting to use IIS. I then created the virtual directory (from the
>>>> button in VS) and then went and enabled Integrated Windows
>>>> Authentication. The site consists of just a single default.aspx file
>>>> with nothing in it. When I attempt to run the project, I get an http
>>>> 403 access fobidden error.
>>>>
>>>> What am I missing?
>>>>
>>>> Thanks.
>>>>
>>>
>>>
>>
>>
>
>

Correction: IIS 5.1

Also, from the IIS documentation:

Once integrated Windows authentication is enabled, your Web server will only
use it under the following conditions:

-Anonymous access is disabled.

-Anonymous access is denied because Windows file system permissions have
been set, requiring the users to provide a Windows user name and password
before establishing a connection with restricted content.

Contrary to your statement that Windows authentication overrides anonymous
authentication, this indicates that Windows authentication will only be used
when anonymous is turned off (which, in my case, it is not) or when
anonymous access is tried but denied.

-Scott





"Scott M." <> wrote in message
news:EE768BA4-D4BA-4206-A9C6-...
>
> "Juan T. Llibre" <> wrote in message
> news:%...
>> re:
>> !> Anonymous Access is on by default. I only turned on Integrated
>> Windows
>> !> Authentication (in addition to the automatically enabled Anonymous
>> Access)
>>
>> Integrated Windows Authentication overrides the Anonymous authentication
>> default.
>
> I'm not so sure about that since both Anonymous and Integrated Windows are
> checked simultaneously. If selecting one disabled the other, I would
> expect that you would not be able to select them both together. I believe
> that selecting both allows IIS to have the benefits of both. VS needs
> integrated Windows authentication to make debugging work.
>
>> When you "only turned on Integrated Windows Authentication", in effect,
>> you are requiring *all* clients which access your application to have an
>> account on the server which is hosting it.
>>
>> re:
>> !> Integrated Windows Authentication must be on in order to debug the
>> application
>>
>> Which OS are you using ? Which version of IIS are you using ?
>
> XP Pro. SP2 / IIS 6.0
>
>> There's different solutions for different OS/IIS versions.
>>
>> There's a slew of reports/solutions for the problem you report at :
>> http://www.google.com/search?hl=en&q...hentication%22
>
> Yes, I've already seen those but that's not really the point of my post.
>
> Even with what you are saying, I should be able to see the page I'm trying
> to access since I do, in fact, have a Windows account on the development
> server that I'm testing against and even still, I get a 403 error.
>
>
>
>>
>>
>>
>>
>> Juan T. Llibre, asp.net MVP
>> asp.net faq : http://asp.net.do/faq/
>> foros de asp.net, en español : http://asp.net.do/foros/
>> ======================================
>> "Scott M." <> wrote in message
>> news:utGU6%...
>>>
>>> "Juan T. Llibre" <> wrote in message
>>> news:...
>>>> re:
>>>> !> enabled Integrated Windows Authentication
>>>> !> When I attempt to run the project, I get an http 403 access fobidden
>>>> error
>>>>
>>>> When you run ASP.NET with Windows Authentication enabled,
>>>> every single account which accesses the application must have
>>>> permission to access the app expressly granted.
>>
>>>>
>>>> Have you considered using Anonymous Authentication or Forms
>>>> Authentication ?
>>
>>> Anonymous Access is on by default. I only turned on Integrated Windows
>>> Authentication (in addition to the automatically enabled Anonymous
>>> Access) because Visual Studio complained that Integrated Windows
>>> Authentication must be on in order to debug the application.
>>
>>>> Or, are you set on creating a Windows user account for every single
>>>> user of your App ?
>>>
>>> See above.
>>
>>
>>>>
>>>> Juan T. Llibre, asp.net MVP
>>>> asp.net faq : http://asp.net.do/faq/
>>>> foros de asp.net, en español : http://asp.net.do/foros/
>>>> ======================================
>>>> "Scott M." <> wrote in message
>>>> news:...
>>>>> In my ASP .NET 2.0 Web Applicaiton Project, I've changed the server
>>>>> setting to use IIS. I then created the virtual directory (from the
>>>>> button in VS) and then went and enabled Integrated Windows
>>>>> Authentication. The site consists of just a single default.aspx file
>>>>> with nothing in it. When I attempt to run the project, I get an http
>>>>> 403 access fobidden error.
>>>>>
>>>>> What am I missing?
>>>>>
>>>>> Thanks.
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>

re:
!> I believe that selecting both allows IIS to have the benefits of both. VS needs integrated

If you select Windows Integrated Authentication, anonymous users won't be able to login.

re:
!> Even with what you are saying, I should be able to see the page I'm trying
!> to access since I do, in fact, have a Windows account on the development
!> server that I'm testing against and even still, I get a 403 error.

That depends on how you've configured ASP.NET.

ASP.NET has a *separate* authentication configuration which IIS doesn't interfere with.

In web.config, you must specify <authentication mode="Windows">
if you want Windows Integrated Authentication to work in ASP.NET.

See : http://msdn2.microsoft.com/en-us/lib...ication_topic5

<quote>
"Windows authentication, also called Integrated Windows authentication, uses Windows operating
system accounts to verify a user's credentials. This means that the user must either be logged in
to the domain on which the server is running (in which case they will not be queried for credentials),
or must log in to the domain when they try to access a protected page.

This authentication scheme is part of IIS, and must be configured and executed by IIS;
it is entirely separate from ASP.NET and is not, as such, an ASP.NET authentication mechanism."
</quote>

If you're running an ASP.NET application, you must configure <authentication mode="Windows"> in web.config.





Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
======================================
"Scott M." <> wrote in message news:EE768BA4-D4BA-4206-A9C6-...
>
> "Juan T. Llibre" <> wrote in message news:%...
>> re:
>> !> Anonymous Access is on by default. I only turned on Integrated Windows
>> !> Authentication (in addition to the automatically enabled Anonymous Access)
>>
>> Integrated Windows Authentication overrides the Anonymous authentication default.
>
> I'm not so sure about that since both Anonymous and Integrated Windows are checked simultaneously. If selecting one
> disabled the other, I would expect that you would not be able to select them both together. I believe that selecting
> both allows IIS to have the benefits of both. VS needs integrated Windows authentication to make debugging work.
>
>> When you "only turned on Integrated Windows Authentication", in effect,
>> you are requiring *all* clients which access your application to have an
>> account on the server which is hosting it.
>>
>> re:
>> !> Integrated Windows Authentication must be on in order to debug the application
>>
>> Which OS are you using ? Which version of IIS are you using ?
>
> XP Pro. SP2 / IIS 6.0
>
>> There's different solutions for different OS/IIS versions.
>>
>> There's a slew of reports/solutions for the problem you report at :
>> http://www.google.com/search?hl=en&q...hentication%22
>
> Yes, I've already seen those but that's not really the point of my post.
>
> Even with what you are saying, I should be able to see the page I'm trying to access since I do, in fact, have a
> Windows account on the development server that I'm testing against and even still, I get a 403 error.
>
>
>
>>
>>
>>
>>
>> Juan T. Llibre, asp.net MVP
>> asp.net faq : http://asp.net.do/faq/
>> foros de asp.net, en español : http://asp.net.do/foros/
>> ======================================
>> "Scott M." <> wrote in message news:utGU6%...
>>>
>>> "Juan T. Llibre" <> wrote in message news:...
>>>> re:
>>>> !> enabled Integrated Windows Authentication
>>>> !> When I attempt to run the project, I get an http 403 access fobidden error
>>>>
>>>> When you run ASP.NET with Windows Authentication enabled,
>>>> every single account which accesses the application must have
>>>> permission to access the app expressly granted.
>>
>>>>
>>>> Have you considered using Anonymous Authentication or Forms Authentication ?
>>
>>> Anonymous Access is on by default. I only turned on Integrated Windows Authentication (in addition to the
>>> automatically enabled Anonymous Access) because Visual Studio complained that Integrated Windows Authentication must
>>> be on in order to debug the application.
>>
>>>> Or, are you set on creating a Windows user account for every single user of your App ?
>>>
>>> See above.
>>
>>
>>>>
>>>> Juan T. Llibre, asp.net MVP
>>>> asp.net faq : http://asp.net.do/faq/
>>>> foros de asp.net, en español : http://asp.net.do/foros/
>>>> ======================================
>>>> "Scott M." <> wrote in message news:...
>>>>> In my ASP .NET 2.0 Web Applicaiton Project, I've changed the server setting to use IIS. I then created the
>>>>> virtual directory (from the button in VS) and then went and enabled Integrated Windows Authentication. The site
>>>>> consists of just a single default.aspx file with nothing in it. When I attempt to run the project, I get an http
>>>>> 403 access fobidden error.
>>>>>
>>>>> What am I missing?
>>>>>
>>>>> Thanks.
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>

No matter how much you nitpick my post,
if you enable Windows Integrated Authentication, anonymous access is not allowed.

The info you quoted is quite specific :

!> Anonymous access is denied because Windows file system permissions have
!> been set, requiring the users to provide a Windows user name and password
!> before establishing a connection with restricted content.

See my previous post for more details regarding use of Windows Authentication with ASP.NET.

re:
!> Contrary to your statement that Windows authentication overrides anonymous authentication
!> this indicates that Windows authentication will only be used when anonymous is turned off

Not true.

Once Windows Integrated Authetication is selected, anonymous
authentication is not possible, at least within non-ASP.NET IIS applications.

For ASP.NET, certain special rules apply.

Follow the link I provided in my previous post for details on
how to require Windows Authentication for an ASP.NET app.




Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
======================================
"Scott M." <> wrote in message news:eM%...
> Correction: IIS 5.1
>
> Also, from the IIS documentation:
>
> Once integrated Windows authentication is enabled, your Web server will only use it under the following conditions:
>
> -Anonymous access is disabled.
>
> -Anonymous access is denied because Windows file system permissions have been set, requiring the users to provide a
> Windows user name and password before establishing a connection with restricted content.

> Contrary to your statement that Windows authentication overrides anonymous authentication, this indicates that Windows
> authentication will only be used when anonymous is turned off (which, in my case, it is not) or when anonymous access
> is tried but denied.
>
> -Scott
>
>
>
>
>
> "Scott M." <> wrote in message news:EE768BA4-D4BA-4206-A9C6-...
>>
>> "Juan T. Llibre" <> wrote in message news:%...
>>> re:
>>> !> Anonymous Access is on by default. I only turned on Integrated Windows
>>> !> Authentication (in addition to the automatically enabled Anonymous Access)
>>>
>>> Integrated Windows Authentication overrides the Anonymous authentication default.
>>
>> I'm not so sure about that since both Anonymous and Integrated Windows are checked simultaneously. If selecting one
>> disabled the other, I would expect that you would not be able to select them both together. I believe that selecting
>> both allows IIS to have the benefits of both. VS needs integrated Windows authentication to make debugging work.
>>
>>> When you "only turned on Integrated Windows Authentication", in effect,
>>> you are requiring *all* clients which access your application to have an
>>> account on the server which is hosting it.
>>>
>>> re:
>>> !> Integrated Windows Authentication must be on in order to debug the application
>>>
>>> Which OS are you using ? Which version of IIS are you using ?
>>
>> XP Pro. SP2 / IIS 6.0
>>
>>> There's different solutions for different OS/IIS versions.
>>>
>>> There's a slew of reports/solutions for the problem you report at :
>>> http://www.google.com/search?hl=en&q...hentication%22
>>
>> Yes, I've already seen those but that's not really the point of my post.
>>
>> Even with what you are saying, I should be able to see the page I'm trying to access since I do, in fact, have a
>> Windows account on the development server that I'm testing against and even still, I get a 403 error.
>>
>>
>>
>>>
>>>
>>>
>>>
>>> Juan T. Llibre, asp.net MVP
>>> asp.net faq : http://asp.net.do/faq/
>>> foros de asp.net, en español : http://asp.net.do/foros/
>>> ======================================
>>> "Scott M." <> wrote in message news:utGU6%...
>>>>
>>>> "Juan T. Llibre" <> wrote in message news:...
>>>>> re:
>>>>> !> enabled Integrated Windows Authentication
>>>>> !> When I attempt to run the project, I get an http 403 access fobidden error
>>>>>
>>>>> When you run ASP.NET with Windows Authentication enabled,
>>>>> every single account which accesses the application must have
>>>>> permission to access the app expressly granted.
>>>
>>>>>
>>>>> Have you considered using Anonymous Authentication or Forms Authentication ?
>>>
>>>> Anonymous Access is on by default. I only turned on Integrated Windows Authentication (in addition to the
>>>> automatically enabled Anonymous Access) because Visual Studio complained that Integrated Windows Authentication
>>>> must be on in order to debug the application.
>>>
>>>>> Or, are you set on creating a Windows user account for every single user of your App ?
>>>>
>>>> See above.
>>>
>>>
>>>>>
>>>>> Juan T. Llibre, asp.net MVP
>>>>> asp.net faq : http://asp.net.do/faq/
>>>>> foros de asp.net, en español : http://asp.net.do/foros/
>>>>> ======================================
>>>>> "Scott M." <> wrote in message news:...
>>>>>> In my ASP .NET 2.0 Web Applicaiton Project, I've changed the server setting to use IIS. I then created the
>>>>>> virtual directory (from the button in VS) and then went and enabled Integrated Windows Authentication. The site
>>>>>> consists of just a single default.aspx file with nothing in it. When I attempt to run the project, I get an http
>>>>>> 403 access fobidden error.
>>>>>>
>>>>>> What am I missing?
>>>>>>
>>>>>> Thanks.
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>
>

See my last post (which I think you missed).

And, comments here too, inline...


"Juan T. Llibre" <> wrote in message
news:Owc0%...
> re:
> !> I believe that selecting both allows IIS to have the benefits of both.
> VS needs integrated
>
> If you select Windows Integrated Authentication, anonymous users won't be
> able to login.

Not true - see my other post.

>
> re:
> !> Even with what you are saying, I should be able to see the page I'm
> trying
> !> to access since I do, in fact, have a Windows account on the
> development
> !> server that I'm testing against and even still, I get a 403 error.
>
> That depends on how you've configured ASP.NET.
>
> ASP.NET has a *separate* authentication configuration which IIS doesn't
> interfere with.

I know. If I set it to Form, Windows or None, I get the same results.

>
> In web.config, you must specify <authentication mode="Windows">
> if you want Windows Integrated Authentication to work in ASP.NET.
>
> See :
> http://msdn2.microsoft.com/en-us/lib...ication_topic5

Not quite. As you point out the ASP .NET setting is separate from the IIS
setting (although you can set the ASP .NET setting via the ASP .NET tab in
IIS without having to do it in web config).

Let's be clear here. The only reason I have Windows authentication turned
on in IIS is because VS will not enter debug mode without it. I am not
trying to create a Windows authenticated ASP .NET web site and so I would
not set the ASP .NET setting to Windows authentication.

As I point out in my other post you can have both Anonymous and Windows
authentication turned on at the same time and this solves the VS debugging
error.

>
> <quote>
> "Windows authentication, also called Integrated Windows authentication,
> uses Windows operating
> system accounts to verify a user's credentials. This means that the user
> must either be logged in
> to the domain on which the server is running (in which case they will not
> be queried for credentials),
> or must log in to the domain when they try to access a protected page.
>
> This authentication scheme is part of IIS, and must be configured and
> executed by IIS;
> it is entirely separate from ASP.NET and is not, as such, an ASP.NET
> authentication mechanism."
> </quote>
>
> If you're running an ASP.NET application, you must configure
> <authentication mode="Windows"> in web.config.>

Uh, no that's not true.



>
>
>
>
> Juan T. Llibre, asp.net MVP
> asp.net faq : http://asp.net.do/faq/
> foros de asp.net, en español : http://asp.net.do/foros/
> ======================================
> "Scott M." <> wrote in message
> news:EE768BA4-D4BA-4206-A9C6-...
>>
>> "Juan T. Llibre" <> wrote in message
>> news:%...
>>> re:
>>> !> Anonymous Access is on by default. I only turned on Integrated
>>> Windows
>>> !> Authentication (in addition to the automatically enabled Anonymous
>>> Access)
>>>
>>> Integrated Windows Authentication overrides the Anonymous authentication
>>> default.
>>
>> I'm not so sure about that since both Anonymous and Integrated Windows
>> are checked simultaneously. If selecting one
>> disabled the other, I would expect that you would not be able to select
>> them both together. I believe that selecting
>> both allows IIS to have the benefits of both. VS needs integrated
Windows authentication to make debugging work.
>>
>>> When you "only turned on Integrated Windows Authentication", in effect,
>>> you are requiring *all* clients which access your application to have an
>>> account on the server which is hosting it.
>>>
>>> re:
>>> !> Integrated Windows Authentication must be on in order to debug the
>>> application
>>>
>>> Which OS are you using ? Which version of IIS are you using ?
>>
>> XP Pro. SP2 / IIS 6.0
>>
>>> There's different solutions for different OS/IIS versions.
>>>
>>> There's a slew of reports/solutions for the problem you report at :
>>> http://www.google.com/search?hl=en&q...hentication%22
>>
>> Yes, I've already seen those but that's not really the point of my post.
>>
>> Even with what you are saying, I should be able to see the page I'm
>> trying to access since I do, in fact, have a
>> Windows account on the development server that I'm testing against and
>> even still, I get a 403 error.
>>
>>
>>
>>>
>>>
>>>
>>>
>>> Juan T. Llibre, asp.net MVP
>>> asp.net faq : http://asp.net.do/faq/
>>> foros de asp.net, en español : http://asp.net.do/foros/
>>> ======================================
>>> "Scott M." <> wrote in message
>>> news:utGU6%...
>>>>
>>>> "Juan T. Llibre" <> wrote in message
>>>> news:...
>>>>> re:
>>>>> !> enabled Integrated Windows Authentication
>>>>> !> When I attempt to run the project, I get an http 403 access
>>>>> fobidden error
>>>>>
>>>>> When you run ASP.NET with Windows Authentication enabled,
>>>>> every single account which accesses the application must have
>>>>> permission to access the app expressly granted.
>>>
>>>>>
>>>>> Have you considered using Anonymous Authentication or Forms
>>>>> Authentication ?
>>>
>>>> Anonymous Access is on by default. I only turned on Integrated Windows
>>>> Authentication (in addition to the
>>>> automatically enabled Anonymous Access) because Visual Studio
>>>> complained that Integrated Windows Authentication must
>>>> be on in order to debug the application.
>>>
>>>>> Or, are you set on creating a Windows user account for every single
>>>>> user of your App ?
>>>>
>>>> See above.
>>>
>>>
>>>>>
>>>>> Juan T. Llibre, asp.net MVP
>>>>> asp.net faq : http://asp.net.do/faq/
>>>>> foros de asp.net, en español : http://asp.net.do/foros/
>>>>> ======================================
>>>>> "Scott M." <> wrote in message
>>>>> news:...
>>>>>> In my ASP .NET 2.0 Web Applicaiton Project, I've changed the server
>>>>>> setting to use IIS. I then created the
>>>>>> virtual directory (from the button in VS) and then went and enabled
>>>>>> Integrated Windows Authentication. The site
>>>>>> consists of just a single default.aspx file with nothing in it. When
>>>>>> I attempt to run the project, I get an http
>>>>>> 403 access fobidden error.
>>>>>>
>>>>>> What am I missing?
>>>>>>
>>>>>> Thanks.
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>
>
>

Your trying to solve the wrong problem here Juan.

I'm not "trying" to make a Windows Authenticated ASP .NET web site. I'm
simply trying to make a brand new, one blank page site/project come up using
IIS, rather than the ASP .NET development server.

I'm not looking for documentation on how to use Windows Authentication. I
only turned it on because VS say's it needs it for debugging purposes. I
know that you don't have to convert your site to a Windows Authenticated
site just to test a single, blank page.

I also know that the IIS documentation directly contradicts what you are
saying.

Thanks anyway, but the path you are going down is not the path that relates
to my question.

"Juan T. Llibre" <> wrote in message
news:...
> No matter how much you nitpick my post,
> if you enable Windows Integrated Authentication, anonymous access is not
> allowed.
>
> The info you quoted is quite specific :
>
> !> Anonymous access is denied because Windows file system permissions have
> !> been set, requiring the users to provide a Windows user name and
> password
> !> before establishing a connection with restricted content.
>
> See my previous post for more details regarding use of Windows
> Authentication with ASP.NET.
>
> re:
> !> Contrary to your statement that Windows authentication overrides
> anonymous authentication
> !> this indicates that Windows authentication will only be used when
> anonymous is turned off
>
> Not true.
>
> Once Windows Integrated Authetication is selected, anonymous
> authentication is not possible, at least within non-ASP.NET IIS
> applications.
>
> For ASP.NET, certain special rules apply.
>
> Follow the link I provided in my previous post for details on
> how to require Windows Authentication for an ASP.NET app.
>
>
>
>
> Juan T. Llibre, asp.net MVP
> asp.net faq : http://asp.net.do/faq/
> foros de asp.net, en español : http://asp.net.do/foros/
> ======================================
> "Scott M." <> wrote in message
> news:eM%...
>> Correction: IIS 5.1
>>
>> Also, from the IIS documentation:
>>
>> Once integrated Windows authentication is enabled, your Web server will
>> only use it under the following conditions:
>>
>> -Anonymous access is disabled.
>>
>> -Anonymous access is denied because Windows file system permissions have
>> been set, requiring the users to provide a Windows user name and password
>> before establishing a connection with restricted content.
>
>> Contrary to your statement that Windows authentication overrides
>> anonymous authentication, this indicates that Windows authentication will
>> only be used when anonymous is turned off (which, in my case, it is not)
>> or when anonymous access is tried but denied.
>>
>> -Scott
>>
>>
>>
>>
>>
>> "Scott M." <> wrote in message
>> news:EE768BA4-D4BA-4206-A9C6-...
>>>
>>> "Juan T. Llibre" <> wrote in message
>>> news:%...
>>>> re:
>>>> !> Anonymous Access is on by default. I only turned on Integrated
>>>> Windows
>>>> !> Authentication (in addition to the automatically enabled Anonymous
>>>> Access)
>>>>
>>>> Integrated Windows Authentication overrides the Anonymous
>>>> authentication default.
>>>
>>> I'm not so sure about that since both Anonymous and Integrated Windows
>>> are checked simultaneously. If selecting one disabled the other, I
>>> would expect that you would not be able to select them both together. I
>>> believe that selecting both allows IIS to have the benefits of both. VS
>>> needs integrated Windows authentication to make debugging work.
>>>
>>>> When you "only turned on Integrated Windows Authentication", in effect,
>>>> you are requiring *all* clients which access your application to have
>>>> an
>>>> account on the server which is hosting it.
>>>>
>>>> re:
>>>> !> Integrated Windows Authentication must be on in order to debug the
>>>> application
>>>>
>>>> Which OS are you using ? Which version of IIS are you using ?
>>>
>>> XP Pro. SP2 / IIS 6.0
>>>
>>>> There's different solutions for different OS/IIS versions.
>>>>
>>>> There's a slew of reports/solutions for the problem you report at :
>>>> http://www.google.com/search?hl=en&q...hentication%22
>>>
>>> Yes, I've already seen those but that's not really the point of my post.
>>>
>>> Even with what you are saying, I should be able to see the page I'm
>>> trying to access since I do, in fact, have a Windows account on the
>>> development server that I'm testing against and even still, I get a 403
>>> error.
>>>
>>>
>>>
>>>>
>>>>
>>>>
>>>>
>>>> Juan T. Llibre, asp.net MVP
>>>> asp.net faq : http://asp.net.do/faq/
>>>> foros de asp.net, en español : http://asp.net.do/foros/
>>>> ======================================
>>>> "Scott M." <> wrote in message
>>>> news:utGU6%...
>>>>>
>>>>> "Juan T. Llibre" <> wrote in message
>>>>> news:...
>>>>>> re:
>>>>>> !> enabled Integrated Windows Authentication
>>>>>> !> When I attempt to run the project, I get an http 403 access
>>>>>> fobidden error
>>>>>>
>>>>>> When you run ASP.NET with Windows Authentication enabled,
>>>>>> every single account which accesses the application must have
>>>>>> permission to access the app expressly granted.
>>>>
>>>>>>
>>>>>> Have you considered using Anonymous Authentication or Forms
>>>>>> Authentication ?
>>>>
>>>>> Anonymous Access is on by default. I only turned on Integrated
>>>>> Windows Authentication (in addition to the automatically enabled
>>>>> Anonymous Access) because Visual Studio complained that Integrated
>>>>> Windows Authentication must be on in order to debug the application.
>>>>
>>>>>> Or, are you set on creating a Windows user account for every single
>>>>>> user of your App ?
>>>>>
>>>>> See above.
>>>>
>>>>
>>>>>>
>>>>>> Juan T. Llibre, asp.net MVP
>>>>>> asp.net faq : http://asp.net.do/faq/
>>>>>> foros de asp.net, en español : http://asp.net.do/foros/
>>>>>> ======================================
>>>>>> "Scott M." <> wrote in message
>>>>>> news:...
>>>>>>> In my ASP .NET 2.0 Web Applicaiton Project, I've changed the server
>>>>>>> setting to use IIS. I then created the virtual directory (from the
>>>>>>> button in VS) and then went and enabled Integrated Windows
>>>>>>> Authentication. The site consists of just a single default.aspx
>>>>>>> file with nothing in it. When I attempt to run the project, I get
>>>>>>> an http 403 access fobidden error.
>>>>>>>
>>>>>>> What am I missing?
>>>>>>>
>>>>>>> Thanks.
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>
>>
>
>