Ok so this not a big deal, but it's bugging me and I can't let it go.
So I'm using MVC 5.1 with .NET 4.5.1 and OWIN authentication. So when you create a new MVC 5 project, the following is automatically added to the Web.config to get rid of the forms authentication http module because it is no longer needed when using OWIN middleware:
<system.webServer> <modules> <remove name="FormsAuthenticationModule" /> </modules> </system.webServer>
Now since we are removing the module, that means it was previously added, so here is the entry registering this http module in C:\Windows\Microsoft.NET\Framework\v4.0.30319\Config\web.config
:
<httpModules> <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" /> </httpModules>
And here is the entry in C:\Windows\System32\inetsrv\config\applicationHost.config
for IIS 8.5 that tells my application to use the module:
<system.webServer> <modules> <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" preCondition="managedHandler" /> </modules> </system.webServer>
So what is automatically added to my web config at the application level has a name attribute of "FormsAuthenticationModule" while the entries in the two server level/asp.net level config files use name attribute "FormsAuthentication". So what is going on here? It seems to me that the module won't be removed since the name attribute doesn't match. I would simply think this was a typo, but after searching online, everyone seems to be using "FormsAuthenticationModule" in the application web.config. Was this a recent change in the newer version of asp.net / iis or am I missing something?
You're right -- that's a typo in the template.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With