7.7. Authenticating Classic ASP with IIS 7.0 Integrated Mode

Authenticating a classic ASP page that is part of an ASP.NET application running under the classic .NET application pool inside IIS 7.0 does not require any extra efforts except the trick of defining a wildcard mapping inside IIS 7.0 so that ASP.NET gets the chance to process the classic ASP page. Defining and enforcing authentication on classic ASP pages, as you have seen in the above section, is no different from what you do for ASP.NET resources. First, you define the <authentication> configuration section inside the web.config configuration file of the application. Once the web.config configuration file is configured properly to handle authentication, you add an .aspx login page to allow users to enter their credentials to be authenticated by the application.

The preceding section shows how to authenticate classic ASP pages inside an ASP.NET application that is running under the classic .NET application pool. The same configurations and additions are needed when you want to authenticate classic ASP pages when running inside an ASP.NET application that is configured with the default application pool or in other words the integrated mode. You still need to define the <authentication> configuration section inside the web.config configuration file and add an .aspx Login page to gather credentials and authenticate users.

Until now there has been nothing mentioned about wildcard mapping when it is time to authenticate ...

Get Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.