I'm trying to create an intranet template site with asp.net mvc 3 which allows windows authenticated users to login and view the site, and unauthenticated users to of the site, but less of it.
My question is similar to this one: Using Windows Authentication with ASP.NET MVC I've tried the solution, my web.config file is set to windows authentication. I'm using Authorize attributes when necessary, but the problem seems even when I have no Authorize attributes unauthenticated (public) users cannot view the page the controller serves.
The answer on that post suggests, but to no avail.
Any controllers without an [Authorize] attribute should be open to the public automatically. So, only put your attribute on the controllers you want to lock down.
Perhaps because I'm using MVC 3, and not MVC 2 I may be getting different results, but I cannot find an answer.
This links may also be helpful:
http://msdn.microsoft.com/en-us/library/gg703322(v=vs.98).aspx http://www.asp.net/mvc/tutorials/authenticating-users-with-windows-authentication-vb
You need to change the settings for IIS to allow anonymous access rather than changing anything in your controller.