Category Archives: ASP.NET

The last posts (here, here, here and here) show how to build an HTTP Basic Authentication module using a membership provider (and including WCF support). Moving this code to IIS7 is technically not very difficult – but the mindset changes. … Continue reading →

Taking this post as a starting point, we now have a working HTTP module that implements HTTP Basic Authentication against a membership provider. This is fine for ASP.NET applications and content, but to integrate a WCF service, there is some … Continue reading →

In the previous post I explained how the authentication module works. Now which steps are required to get the demo app included in the download to work? IIS Create a vdir in IIS that points to the sample site. Mark … Continue reading →

An HTTP module is one of the main extensibility points in ASP.NET/IIS7. Modules subscribe to notifications of certain stages in the HTTP request/response processing. Inside of the event handlers you can then inject your custom code and logic. To allow … Continue reading →

The first step in implementing an authentication module for IIS/ASP.NET is to understand the authentication protocol (doh ;) It turns out the Basic Authentication is quite simple. Whenever the server wants to start the authentication handshake, he sends a 401 … Continue reading →

Imagine this (quite common) scenario: You have some web content/resources (e.g. static files, aspx pages, asmx or WCF services) in IIS that you want to protect using HTTP Basic Authentication. The problem is, that when you enable Basic Authentication in … Continue reading →