Enable Forms Authentication (IIS 7)
Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista
ASP.NET Forms-based authentication is works well for sites or applications on public Web servers that receive many requests. This authentication mode lets you manage client registration and authentication at the application level, instead of relying on the authentication mechanisms provided by the operating system.
|Because Forms authentication sends the user name and password to the Web server as plain text, you should use Secure Sockets Layer (SSL) encryption for the logon page and for all other pages in your application except the home page.|
For information about the levels at which you can perform this procedure, and the modules, handlers, and permissions that are required to perform this procedure, see Authentication Feature Requirements (IIS 7)
Exceptions to Feature Requirements
You can perform this procedure by using the user interface (UI), by running Appcmd.exe commands in a command-line window, by editing configuration files directly, or by writing WMI scripts.
Open IIS Manager and navigate to the level you want to manage. For information about opening IIS Manager, see Open IIS Manager (IIS 7). For information about navigating to locations in the UI, see Navigation in IIS Manager (IIS 7).
In Features View, double-click Authentication.
On the Authentication page, select Forms Authentication.
In the Actions pane, click Enable to use Forms authentication with the default settings.
To enable or disable Forms authentication, use the following syntax:
appcmd set config /commit:WEBROOT /section:system.web/authentication /mode: None | Windows | Passport | Forms
|Passport is a supported value for the mode attribute; however, Passport authentication is not supported on Windows Vista or Windows Server 2008.|
By default, IIS 7 sets the mode attribute to Windows, which disables Forms authentication. If you set the attribute to Forms, you enable Forms authentication. For example, to enable Forms authentication, type the following at the command prompt, and then press ENTER:
appcmd set config /commit:WEBROOT /section:system.web/authentication /mode:Forms
|When you use Appcmd.exe to configure the authentication element at the global level in IIS 7, you must specify /commit:WEBROOT in the command so that configuration changes are made to the root Web.config file instead of ApplicationHost.config.|
For more information about Appcmd.exe, see Appcmd.exe (IIS 7).
The procedure in this topic affects the following configuration elements:
<authentication> under <system.web>
For more information about IIS 7 configuration, see IIS 7.0: IIS Settings Schema on MSDN.
Use the following WMI classes, methods, or properties to perform this procedure:
For more information about WMI and IIS, see Windows Management Instrumentation (WMI) in IIS 7. For more information about the classes, methods, or properties associated with this procedure, see the IIS WMI Provider Reference on the MSDN site.