Click here to Skip to main content
15,867,330 members
Articles / All Topics

MVC 4.5 Authentication Differences - Individual User Accounts and Windows Authentication (Part 1)

Rate me:
Please Sign up or sign in to vote.
5.00/5 (1 vote)
18 Dec 2015CPOL2 min read 11.5K   2   1
MVC 4.5 Authentication Differences - Individual User Accounts and Windows Authentication (Part 1)

When you create a new web site project using Visual Studio using ASP.NET 4.5 Templates, you have the option to change the authentication used by your web application. I am only going to cover the differences between the Individual User Accounts and Windows authentication in this post.

There is a lot of coverage about when to use the various authentication types already out there, but not the specific differences between the project files. This post starts to cover that.

Starting with a new solution/project (images used are from Visual Studio 2015 Update 1):

Cropped image from Visual Studio 2015 Update 1 showing the File menu with the New sub menu expanded and the Project menu item highlighted.

Which will bring you to:

Visual Studio 2015 New Project selection dialog

Select the ASP.NET Web Application. That will cause this dialog to display:

Image 3

The default authentication is Individual User Accounts. Change the selection to Windows Authentication.

Image 4

The included files are very similar to the Individual User Accounts authentication method with the following differences:

\Application Directory\.vs\config\applicationhost.config has the added block:

XML
<location path="MVC4_5">
        <system.webserver="">
            <security>
                <authentication>
                    <windowsauthentication enabled="true">
                    <anonymousauthentication enabled="false">
                </anonymousauthentication>
            </security>
        </system.webserver="">
    </location>

\Application Directory\packages.config removes these references:

  • EntityFramework
  • Microsoft.AspNet.Identity.Core
  • Microsoft.AspNet.Identity.EntityFramework
  • Microsoft.AspNet.Identity.Owin
  • Microsoft.Owin
  • Microsoft.Owin.Host.SystemWeb
  • Microsoft.Owin.Security
  • Microsoft.Owin.Security.Cookies
  • Microsoft.Owin.Security.Facebook
  • Microsoft.Owin.Security.Google
  • Microsoft.Owin.Security.MicrosoftAccount
  • Microsoft.Owin.Security.OAuth
  • Microsoft.Owin.Security.Twitter
  • Owin

\Application Directory\Application Name.csproj removes various sections relating to the no longer included references above. It changes these elements to mirror the changes made to the \Application Directory\.vs\config\applicationhost.config file:

  • XML
    <IISExpressAnonymousAuthentication>disabled</IISExpressAnonymousAuthentication>
  • XML
    <IISExpressWindowsAuthentication>enabled</IISExpressWindowsAuthentication>

\Application Directory\Web.config removes these sections relating to the no longer included references above:

  • Note: This code has been abbreviated:
    XML
    <configSections>
        <section name="entityFramework" ... />
      </configSections>
      <connectionStrings>
        <add name="DefaultConnection" ... />
      </connectionStrings>
  • XML
    <modules>
          <remove name="FormsAuthentication" />
        </modules>
  • The <runtime><assemblyBinding><dependentAssembly>'s for Owin
  • The entire <entityFramework> element

It changes the <system.web><authentication> mode to Windows.

It adds to the <system.web> element:

  • XML
    <authorization>
          <deny users="?" />
        </authorization>

\Application Directory\App_Start\ removes these files:

  • IdentityConfig.cs
  • Start.Auth.cs

Only the Home Controller is included in the project.

No Models are included in the project.

Only Home and Shared Views are included in the project. The View files have minor differences to accommodate the missing or different Models.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
Software Developer (Senior)
United States United States
Long time software engineer who rambles occasionally about coding, best practices, and other random things.

Comments and Discussions

 
GeneralMy vote of 5 Pin
Member 1393306731-Jul-18 9:50
Member 1393306731-Jul-18 9:50 
Thank you this explanation. I was struggling to understand the authentication differences in the latest framework. I was struggling.

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.