How do I implement the protection of the pages (asp.net mvc app), so when I hit the home page or any other pages within the application I get a login dialog popup in the browser
I'm looking for something similar to what Apache .htaccess
and .htpasswd
is doing.
I have IIS 7.5/Windows Server 2008 R2 Web edition.
Best Answer
First of all you need to enable Basic Authentication. You can find this setting in the Authentication feature for the site in IIS Manager:
Double click on the icon then right click on Basic Authentication and select Enable:
You can also configure this directly in your
web.config
file (your application doesn't even have to be an ASP.NET application):This will only work in the
web.config
provided that this feature has been delegated as Read/Write.Out of the box you would need to create a separate Windows 2008 account for each login.
If you wanted to use a custom store (SQL Server, Membership Service) then you'd need to write your own Basic Authentication module: