I tried to write a simple site using node.js hosted on IIS Express 7.5 (via WebMatrix). I would like to use Integrated Windows Authentication.
I configured applicationhost.config as it described in some similar posts. Also i have configured web.config as well.
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="false" />
<basicAuthentication enabled="false" />
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
Now, when request the site it ask for credentials. That's pretty good for now. Then i provide correct domain credentials and got an error 401.1
Well, the site in trusted zone and Fidler said Kerberos tickets provided.
What's wrong?
I checked trace and got the following error:
<EventData>
<Data Name="ContextId">{00000000-0000-0000-3F03-0080000000F8}</Data>
<Data Name="ModuleName">WindowsAuthenticationModule</Data>
<Data Name="Notification">2</Data>
<Data Name="HttpStatus">401</Data>
<Data Name="HttpReason">Unauthorized</Data>
<Data Name="HttpSubStatus">1</Data>
<Data Name="ErrorCode">2147942485</Data>
<Data Name="ConfigExceptionInfo"></Data>
</EventData>
<RenderingInfo Culture="en-US">
<Opcode>MODULE_SET_RESPONSE_ERROR_STATUS</Opcode>
<Keywords>
<Keyword>RequestNotifications</Keyword>
</Keywords>
<freb:Description Data="Notification">AUTHENTICATE_REQUEST</freb:Description>
<freb:Description Data="ErrorCode">The local device name is already in use. (0x80070055)</freb:Description>
</RenderingInfo>
Ok, then i was trying to figure out the problem for few hours and only found that if remove rules or URL Rewrite Module from web.config
<rewrite>
<rules>
<!-- Don't interfere with requests for logs -->
<rule name="LogFile" patternSyntax="ECMAScript" stopProcessing="true">
<match url="^[a-zA-Z0-9_\-]+\.js\.logs\/\d+\.txt$" />
</rule>
<!-- First we consider whether the incoming URL matches a physical file in the /public folder -->
<rule name="StaticContent">
<action type="Rewrite" url="public{REQUEST_URI}" />
</rule>
<!-- All other URLs are mapped to the Node.js application entry point -->
<rule name="DynamicContent">
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
</conditions>
<action type="Rewrite" url="app.js" />
</rule>
</rules>
</rewrite>
then all will work great (except the correct handling of app.js)
So, the question is how to keep original node.js template for WebMatrix and use Windows Authentication without such error?
One more question is how to get all Context info collected by pipeline of IIS modules in node.js ??
As of iisnode v0.1.13, information collected by the IIS pipeline is not exposed to the node.js application. This is a known limitation that will be addressed by https://github.com/tjanczuk/iisnode/issues/87 and https://github.com/tjanczuk/iisnode/issues/94.
The problem with authentication when rewrite rules are used needs to be investigated; created https://github.com/tjanczuk/iisnode/issues/127.
User contributions licensed under CC BY-SA 3.0