All geek questions in one place

Configure IIS Authentication Settings Using the ServerManager Class

I am using the ServerManager class (from Microsoft.Web.Administration) to create applications on a server running IIS 7. I want to configure whether the application uses anonymous authentication or application-based Windows authentication so that I can just ask to change the settings on the root site. The contents of the application belong to a third party, so I am not allowed to modify the web.config file inside the application.

The Application class does not provide any useful properties, but maybe I could do something using the GetApplicationHostConfiguration ServerManager method?

+7
source share
1 answer

It looks like you are hoping to change the configuration of the Internet information system for the site; if this is correct, then something like this should work:

using (ServerManager serverManager = new ServerManager()) { Configuration config = serverManager.GetWebConfiguration("Contoso"); ConfigurationSection authorizationSection = config.GetSection("system.webServer/security/authorization"); ConfigurationElementCollection authorizationCollection = authorizationSection.GetCollection(); ConfigurationElement addElement = authorizationCollection.CreateElement("add"); addElement["accessType"] = @"Allow"; addElement["roles"] = @"administrators"; authorizationCollection.Add(addElement); serverManager.CommitChanges(); }

The above code will allow you to create an authorization rule that allows a specific user in a group to access a specific site. In this case, the Contoso website.

This will then disable anonymous authentication for the site; then enable Basic and Windows Authentication for the site:

 using(ServerManager serverManager = new ServerManager()) { Configuration config = serverManager.GetApplicationHostConfiguration(); ConfigurationSection anonymousAuthenticationSection = config.GetSection("system.webServer/security/authentication/anonymousAuthentication", "Contoso"); anonymousAuthenticationSection["enabled"] = false; ConfigurationSection basicAuthenticationSection = config.GetSection("system.webServer/security/authentication/basicAuthentication", "Contoso"); basicAuthenticationSection["enabled"] = true; ConfigurationSection windowsAuthenticationSection = config.GetSection("system.webServer/security/authentication/windowsAuthentication", "Contoso"); windowsAuthenticationSection["enabled"] = true; serverManager.CommitChanges(); }

Or you can simply add an IIS Manager user account if you want; which you can set for specific permissions to manage and manage these other applications.

 using (ServerManager serverManager = new ServerManager()) { Configuration config = serverManager.GetAdministrationConfiguration(); ConfigurationSection authenticationSection = config.GetSection("system.webServer/management/authentication"); ConfigurationElementCollection credentialsCollection = authenticationSection.GetCollection("credentials"); ConfigurationElement addElement = credentialsCollection.CreateElement("add"); addElement["name"] = @"ContosoUser"; addElement["password"] = @" P@ssw0rd "; addElement["enabled"] = true; credentialsCollection.Add(addElement); serverManager.CommitChanges(); }

There is great flexibility in the Internet information system; its quite powerful. The documentation contained here is also quite detailed. The examples are pretty inappropriate to adapt to your specific use, or at least provide a level of understanding to get it to do what you want.

Hope this helps brought here :

+11
source

Source: https://habr.com/ru/post/911941/

More articles:


All Articles