0

We have a asp.net web app and associated self-hosted nancy rest API. Currently the web app is secure over ssl and the api is not on port 80 (still under development).

IIS authentication is on and redirects unauthorised requests to the user login page.

In an ideal world I would like nancy to also be on port 443.

But this means that IIS redirects any traffic on port 443 to the user login page.

Is it possible to have application/json requests rewritten to go to nancy prior to IIS authentication redirection? Or any paths that begin with /api/

How can I get IIS authentication and nancy to play nice with the same port?

Improve this question

1 Answer 1

Reset to default
0

I don't use Nancy, so I'm not sure this helps, but:

You can enable IIS authentication selectively, for just certain parts of your site, or excluding a certain route.

In your web.config you can have something like this:

<location path="/api/"> <system.webServer> <security> <authentication> <basicAuthentication enabled="false"/> <anonymousAuthentication enabled="true" /> </authentication> </security> </system.webServer> </location>

Using the location node, you can define which parts of your site should use different types of authentication.

You could then still use the URL Rewrite module to re-write URLs based on their MIME types.

Improve this answer
1
  • this looks like the solution. I will have a play and get you a green tick if it works. Commented Aug 1, 2016 at 14:25

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.