Bones Authentication <basicAuthentication>

  • Commodity
  • 5 minutes to read

Overview

The <basicAuthentication> element contains configuration settings for the Internet Information Services (IIS) vii Basic authentication module. Yous configure this element to enable or disable Basic authentication, identify the realm and default logon domain, and determine the logon method the module uses.

The Basic authentication scheme is a widely used, manufacture-standard method for collecting user name and countersign information. Basic authentication transmits user names and passwords across the network in an unencrypted form. You can use SSL encryption in combination with Basic authentication to help secure user account information transmitted beyond the Internet or a corporate network.

Compatibility

Version Notes
IIS 10.0 The <basicAuthentication> element was non modified in IIS 10.0.
IIS 8.5 The <basicAuthentication> element was not modified in IIS 8.v.
IIS viii.0 The <basicAuthentication> element was non modified in IIS 8.0.
IIS seven.5 The <basicAuthentication> element was not modified in IIS 7.5.
IIS vii.0 The <basicAuthentication> element was introduced in IIS seven.0.
IIS vi.0 The <basicAuthentication> element replaces portions of the IIS 6.0 AuthType and AuthFlags metabase backdrop.

Setup

The default installation of IIS 7 and later does not include the Bones authentication role service. To utilize Basic hallmark on Net Data Services (IIS), you must install the role service, disable Anonymous authentication for your Web site or application, and then enable Basic authentication for the site or application.

To install the Basic authentication role service, utilize the post-obit steps.

Windows Server 2012 or Windows Server 2012 R2

  1. On the taskbar, click Server Director.
  2. In Server Manager, click the Manage bill of fare, then click Add Roles and Features.
  3. In the Add Roles and Features wizard, click Next. Select the installation blazon and click Next. Select the destination server and click Next.
  4. On the Server Roles folio, expand Spider web Server (IIS), aggrandize Web Server, expand Security, and then select Bones Authentication. Click Adjacent.
    Screenshot of Basic Authentication selected in a Windows Server 2012 interface. .
  5. On the Select features page, click Next.
  6. On the Ostend installation selections page, click Install.
  7. On the Results folio, click Close.

Windows 8 or Windows 8.1

  1. On the Start screen, move the pointer all the way to the lower left corner, right-click the Commencement button, and then click Control Panel.
  2. In Control Panel, click Programs and Features, and then click Plow Windows features on or off.
  3. Expand Internet Information Services, expand Globe Broad Spider web Services, aggrandize Security, then select Basic Authentication.
    Screenshot of Basic Authentication selected in a Windows 8 interface.
  4. Click OK.
  5. Click Shut.

Windows Server 2008 or Windows Server 2008 R2

  1. On the taskbar, click Commencement, point to Administrative Tools, and so click Server Managing director.
  2. In the Server Manager hierarchy pane, expand Roles, and and so click Web Server (IIS).
  3. In the Spider web Server (IIS) pane, scroll to the Office Services department, and and then click Add Office Services.
  4. On the Select Role Services folio of the Add Role Services Wizard, select Basic Authentication, and then click Next. Screenshot of Basic Authentication selected in a Windows Server 2008 interface.
  5. On the Ostend Installation Selections page, click Install.
  6. On the Results page, click Close.

Windows Vista or Windows 7

  1. On the taskbar, click Start, and and then click Command Panel.
  2. In Control Panel, click Programs and Features, and then click Plow Windows Features on or off.
  3. Expand Cyberspace Information Services, expand Www Services, expand Security, select Basic Hallmark, and so click OK.
    Screenshot of Basic Authentication selected in a Windows Vista or Windows 7 interface.

How To

How to enable basic hallmark and disable bearding authentication

  1. Open Internet Information Services (IIS) Manager:

    • If you are using Windows Server 2012 or Windows Server 2012 R2:

      • On the taskbar, click Server Manager, click Tools, and then click Net Data Services (IIS) Manager.

    • If yous are using Windows viii or Windows 8.i:

      • Hold downward the Windows central, press the alphabetic character X, and then click Control Panel.
      • Click Administrative Tools, and then double-click Internet Information Services (IIS) Manager.

    • If you lot are using Windows Server 2008 or Windows Server 2008 R2:

      • On the taskbar, click Showtime, indicate to Administrative Tools, and so click Internet Information Services (IIS) Manager.

    • If you lot are using Windows Vista or Windows seven:

      • On the taskbar, click Starting time, and and then click Command Panel.
      • Double-click Administrative Tools, and then double-click Internet Data Services (IIS) Manager.

  2. In the Connections pane, expand the server proper noun, expand Sites, so click the site, application or Web service for which yous want to enable basic authentication.

  3. Coil to the Security section in the Home pane, and so double-click Authentication.

  4. In the Hallmark pane, select Basic Authentication, and then, in the Deportment pane, click Enable.

  5. In the Authentication pane, select Anonymous Authentication, so click Disable in the Actions pane.
    Screenshot of Anonymous Authentication selected in the Authentication pane.

Configuration

The <basicAuthentication> element is configurable at the site, application, virtual directory, and URL level. After you install the role service, IIS 7 commits the following configuration settings to the ApplicationHost.config file.

              <basicAuthentication enabled='false' />

Attributes

Attribute Description
defaultLogonDomain Optional Cord attribute.

Specifies the default logon domain for Basic authentication.
enabled Optional Boolean attribute.

Specifies whether Bones authentication is enabled.

The default value is false.
logonMethod Optional enum aspect.

The logonMethod attribute can be ane of the following possible values. The default is ClearText.

Value Description
Batch This logon type is intended for batch servers, where processes may be executing on behalf of a user without that user's direct intervention.

The numeric value is 1.
ClearText This logon type preserves the name and countersign in the authentication bundle, which allows the server to brand connections to other network servers while impersonating the customer.

The numeric value is 3.
Interactive This logon blazon is intended for users who will be using the computer interactively.

The numeric value is 0.
Network This logon blazon is intended for loftier functioning servers to authenticate plaintext passwords. Credentials are not cached for this logon type.

The numeric value is 2.
realm Optional String attribute.

Specifies the realm for Basic hallmark.

Child Elements

None.

Configuration Sample

The following configuration sample enables Basic authentication for a Web site, Web awarding, or Spider web service. By default these settings must be included in your ApplicationHost.config file, and you lot must include them in a <location> element and utilise the path aspect to define the Web site or application where yous desire to apply the authentication settings.

              <security>    <hallmark>       <anonymousAuthentication enabled="false" />       <basicAuthentication enabled="true" />    </hallmark> </security>

Sample Code

The post-obit examples enable Bones authentication for a site.

AppCmd.exe

              appcmd.exe set config "Contoso" -section:arrangement.webServer/security/authentication/basicAuthentication /enabled:"True" /commit:apphost

Notation

You lot must be certain to set the commit parameter to apphost when you use AppCmd.exe to configure these settings. This commits the configuration settings to the advisable location section in the ApplicationHost.config file.

C#

              using System; using System.Text; using Microsoft.Web.Administration;  internal static form Sample {      private static void Main()     {          using (ServerManager serverManager = new ServerManager())         {             Configuration config = serverManager.GetApplicationHostConfiguration();              ConfigurationSection basicAuthenticationSection = config.GetSection("organisation.webServer/security/authentication/basicAuthentication", "Contoso");             basicAuthenticationSection["enabled"] = truthful;              serverManager.CommitChanges();         }     } }

VB.Net

              Imports Organization Imports Organization.Text Imports Microsoft.Spider web.Administration  Module Sample     Sub Main()         Dim serverManager As ServerManager = New ServerManager         Dim config As Configuration = serverManager.GetApplicationHostConfiguration          Dim basicAuthenticationSection As ConfigurationSection = config.GetSection("system.webServer/security/authentication/basicAuthentication", "Contoso")         basicAuthenticationSection("enabled") = Truthful          serverManager.CommitChanges()     End Sub Stop Module

JavaScript

              var adminManager = new ActiveXObject('Microsoft.ApplicationHost.WritableAdminManager'); adminManager.CommitPath = "Automobile/WEBROOT/APPHOST";  var basicAuthenticationSection = adminManager.GetAdminSection("arrangement.webServer/security/hallmark/basicAuthentication", "Machine/WEBROOT/APPHOST/Contoso"); basicAuthenticationSection.Properties.Item("enabled").Value = true;  adminManager.CommitChanges();

VBScript

              Set adminManager = CreateObject("Microsoft.ApplicationHost.WritableAdminManager") adminManager.CommitPath = "MACHINE/WEBROOT/APPHOST"  Set up basicAuthenticationSection = adminManager.GetAdminSection("system.webServer/security/authentication/basicAuthentication", "MACHINE/WEBROOT/APPHOST/Contoso") basicAuthenticationSection.Properties.Item("enabled").Value = True  adminManager.CommitChanges()