Aspnetcore.docs: dotnet publish not including windows authentication in web.config
I'm building a aspnet core 2.2 and all works as expected locally. When running dotnet publish on the solution, it creates a web.config but does not place this section in the web.config. Is it supposed to, or how do I get it in there?
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: 401ad9a0-9e51-80a2-5846-82e9790d7257
- Version Independent ID: fbc36c26-9992-1f4c-66d3-02f898ee7ec4
- Content: Configure Windows Authentication in ASP.NET Core
- Content Source: aspnetcore/security/authentication/windowsauth.md
- Product: aspnet-core
- GitHub Login: @scottaddie
- Microsoft Alias: riande
billrob
All 4 comments
I found if I created an empty web.config and placed the security xml element in there, the publish picked it up and added the pieces it needed to. I would suggest placing that information into the article.
billrob
on 19 Dec 2018
Thanks for commenting @billrob ...
IMO, the instruction is confusing, since config in IIS Manager modifies the web.config to include those settings. The topic has the reader do the IIS WinAuth config first ... before the app is published/deployed. Even if there is an app already there, deployment at that point in many scenarios will overwrite the correct web.config sitting on the server.
@scottaddie If ur busy and want to hand this off, assign me.
guardrex
on 19 Dec 2018
Thanks again @billrob for posting this. I'm going to get past the ❄️holiday ☃️ and get this scheduled asap.
Given that IIS Manager injects those settings _outside_ of the <location> element, I think the best approach is going to be to do what you did. A web.config with the settings within the <location> element makes sense for sub-app scenarios where one doesn't want inheritance. I think keeping a section on using IIS Manager makes sense, but ...
- Pull the images.
- Note where the settings end up in the file.
- Move the section down in the topic ... under where the app is published and deployed.
- Note that such an approach will only change the file on the server, which means that it might be inadvertently overwritten on deployment.
Sounds like a plan! :+1: :smile:
I'll ping u on the PR when it goes up for a look :eyes:.
guardrex
on 19 Dec 2018
Thanks @guardrex. Glad I could help.
billrob
on 19 Dec 2018
Related issues
sonichanxiao
·
3Comments
YeyoCoder
·
3Comments
aaron-bozit
·
3Comments
nenmyx
·
3Comments
madelson
·
3Comments
Most helpful comment
I found if I created an empty web.config and placed the security xml element in there, the publish picked it up and added the pieces it needed to. I would suggest placing that information into the article.