iismicrosoft-edgebasic-authenticationazure-static-website-hosting

Protect Static Html Files Website in IIS with Basic Authentication


I have a simple Intranet Website that is just a few HTML pages with a little JavaScript and CSS.

If Allow Anonymous is ON, everyone can see it. It works.

In IIS, I turn on Basic Authentication and it only partially works as expected.

The company only allows IE and Edge installed on Windows 10 PCs for now.

Specific users have been added to that server running IIS. In IE when users go to the website now, they are prompted for their username and password. Then the website loads. However, in Edge, the users are never prompted for the their username and password. A 401 errors loads instead. I have already tried putting the username and password in the URL like so: https://username:password@URL but that did not work.

I want the same or similar behavior that works in IE for Edge.


Solution

  • I assume you're using Edge Chromium browser, correct me if I'm wrong. The issue might be related with this policy: AuthSchemes.

    You can visit edge://policy in Edge and check if it has an AuthSchemes policy set. The policy can be used to disable Basic Authentication. If your browser has this policy set, you need to enable 'basic' value in the policy.

    I don't have this policy set and I visit the test page https://jigsaw.w3.org/HTTP/Basic/, the Basic Authentication works well in Edge.

    You can also refer to this thread and this thread which have similar issues.