Configuring Anonymous Authentication

When Anonymous access is permitted, a remote user is not required to supply credentials to access a file. Instead, IIS 8.0 attempts to use a pre-configured account to access the resource (for example, to read a file off the hard disk). If that account has appropriate rights, then the action (typically to read the file) is performed. If the pre-configured account does not have permission to access the resource, but some other authentication mechanism is enabled that both server and client support, then the user has an opportunity to supply credentials that can access the resource. If no alternate authentication mechanism is enabled or there is no alternate authentication mechanism that both client and server support enabled, then a 401.3 (“Unauthorized due to ACL on resource”) HTTP status is generated.

By default, the configured anonymous access account is the IUSR account created when IIS 8.0 is installed. This account replaces the IUSR_<machinename> account used in previous versions of IIS.

Note

The AnonymousAuthenticationModule (authanon.dll) must be installed and enabled to allow Anonymous authentication. This module is installed by default using an interactive install. Requests for .NET resources (such as ASP.NET ASPX pages or ASMX web services) are not made using the IUSR account. Instead, requests for those resources use the Web Application Pool's identity (by default, NT Authority\Network Service) if ASP.NET impersonation is not enabled. ...

Get Professional Microsoft IIS 8 now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Professional Microsoft IIS 8 by Kenneth Schaefer, Jeff Cochran, Scott Forsyth, Dennis Glendenning, Benjamin Perkins

Configuring Anonymous Authentication

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly