打开位于 C:\Users[userid]\Documents\IISExpress\config 文件夹中的 applicationHost.config 文件。在此文件中,将 anonymousAthentication 和 windowsAuthentication 的 overrideModeDefault 更改为“Allow”
<sectionGroup name="security">
<section name="access" overrideModeDefault="Deny" />
<section name="applicationDependencies" overrideModeDefault="Deny" />
<sectionGroup name="authentication">
<section name="anonymousAuthentication" overrideModeDefault="Allow" />
<section name="basicAuthentication" overrideModeDefault="Deny" />
<section name="clientCertificateMappingAuthentication" overrideModeDefault="Deny" />
<section name="digestAuthentication" overrideModeDefault="Deny" />
<section name="iisClientCertificateMappingAuthentication" overrideModeDefault="Deny" />
<section name="windowsAuthentication" overrideModeDefault="Allow" />
</sectionGroup>
接下来将 AnonymousAuthenticationModule 和 WindowsAuthenticationModule 的 lockItem 更改为“false”
<system.webServer>
<modules>
<!--
<add name="HttpCacheModule" lockItem="true" />
-->
<add name="DynamicCompressionModule" lockItem="true" />
<add name="StaticCompressionModule" lockItem="true" />
<add name="DefaultDocumentModule" lockItem="true" />
<add name="DirectoryListingModule" lockItem="true" />
<add name="IsapiFilterModule" lockItem="true" />
<add name="ProtocolSupportModule" lockItem="true" />
<add name="HttpRedirectionModule" lockItem="true" />
<add name="ServerSideIncludeModule" lockItem="true" />
<add name="StaticFileModule" lockItem="true" />
<add name="AnonymousAuthenticationModule" lockItem="false" />
<add name="CertificateMappingAuthenticationModule" lockItem="true" />
<add name="UrlAuthorizationModule" lockItem="true" />
<add name="BasicAuthenticationModule" lockItem="true" />
<add name="WindowsAuthenticationModule" lockItem="false" />
进行这些更改将允许现有的 Web 配置设置覆盖 IIS Express 的 applicationHost 文件中的内容。