diff --git a/src/Microsoft.AspNet.IISPlatformHandler/IISPlatformHandlerMiddleware.cs b/src/Microsoft.AspNet.IISPlatformHandler/IISPlatformHandlerMiddleware.cs
index c8c7cb0a29..5a5a3b565e 100644
--- a/src/Microsoft.AspNet.IISPlatformHandler/IISPlatformHandlerMiddleware.cs
+++ b/src/Microsoft.AspNet.IISPlatformHandler/IISPlatformHandlerMiddleware.cs
@@ -49,20 +49,24 @@ namespace Microsoft.AspNet.IISPlatformHandler
UpdateScheme(httpContext);
UpdateRemoteIp(httpContext);
-
- var winPrincipal = UpdateUser(httpContext);
-
- var handler = new AuthenticationHandler(httpContext, _options, winPrincipal);
- AttachAuthenticationHandler(handler);
-
- try
+ if (_options.FlowWindowsAuthentication)
+ {
+ var winPrincipal = UpdateUser(httpContext);
+ var handler = new AuthenticationHandler(httpContext, _options, winPrincipal);
+ AttachAuthenticationHandler(handler);
+ try
+ {
+ await _next(httpContext);
+ }
+ finally
+ {
+ DetachAuthenticationhandler(handler);
+ }
+ }
+ else
{
await _next(httpContext);
}
- finally
- {
- DetachAuthenticationhandler(handler);
- }
}
private static void UpdateScheme(HttpContext httpContext)
diff --git a/src/Microsoft.AspNet.IISPlatformHandler/IISPlatformHandlerOptions.cs b/src/Microsoft.AspNet.IISPlatformHandler/IISPlatformHandlerOptions.cs
index 96e005c250..42158f60a1 100644
--- a/src/Microsoft.AspNet.IISPlatformHandler/IISPlatformHandlerOptions.cs
+++ b/src/Microsoft.AspNet.IISPlatformHandler/IISPlatformHandlerOptions.cs
@@ -15,6 +15,12 @@ namespace Microsoft.AspNet.IISPlatformHandler
///
public bool AutomaticAuthentication { get; set; } = true;
+ ///
+ /// If true authentication middleware will try to authenticate using platform handler windows authentication
+ /// If false authentication middleware won't be added
+ ///
+ public bool FlowWindowsAuthentication { get; set; } = true;
+
///
/// Additional information about the authentication type which is made available to the application.
///
diff --git a/test/Microsoft.AspNet.IISPlatformHandler.Tests/HttpPlatformHandlerMiddlewareTests.cs b/test/Microsoft.AspNet.IISPlatformHandler.Tests/HttpPlatformHandlerMiddlewareTests.cs
index c08d7544b9..faeb7058e8 100644
--- a/test/Microsoft.AspNet.IISPlatformHandler.Tests/HttpPlatformHandlerMiddlewareTests.cs
+++ b/test/Microsoft.AspNet.IISPlatformHandler.Tests/HttpPlatformHandlerMiddlewareTests.cs
@@ -5,6 +5,9 @@ using System.Net;
using System.Net.Http;
using System.Threading.Tasks;
using Microsoft.AspNet.Builder;
+using Microsoft.AspNet.Http.Features.Authentication;
+using Microsoft.AspNet.Http.Internal;
+using Microsoft.AspNet.IISPlatformHandler;
using Microsoft.AspNet.TestHost;
using Xunit;
@@ -108,5 +111,51 @@ namespace Microsoft.AspNet.IISPlatformHandler
await server.CreateClient().SendAsync(req);
Assert.True(assertsExecuted);
}
+
+ [Fact]
+ public async Task AddsAuthenticationHandlerByDefault()
+ {
+ var assertsExecuted = false;
+
+ var server = TestServer.Create(app =>
+ {
+ app.UseIISPlatformHandler();
+ app.Run(context =>
+ {
+ var auth = (IHttpAuthenticationFeature)context.Features[typeof(IHttpAuthenticationFeature)];
+ Assert.NotNull(auth);
+ Assert.IsAssignableFrom(auth.Handler);
+ assertsExecuted = true;
+ return Task.FromResult(0);
+ });
+ });
+
+ var req = new HttpRequestMessage(HttpMethod.Get, "");
+ await server.CreateClient().SendAsync(req);
+ Assert.True(assertsExecuted);
+ }
+
+
+ [Fact]
+ public async Task DoesNotAddAuthenticationHandlerIfWindowsAuthDisabled()
+ {
+ var assertsExecuted = false;
+
+ var server = TestServer.Create(app =>
+ {
+ app.UseIISPlatformHandler(options => options.FlowWindowsAuthentication = false);
+ app.Run(context =>
+ {
+ var auth = (IHttpAuthenticationFeature)context.Features[typeof(IHttpAuthenticationFeature)];
+ Assert.Null(auth);
+ assertsExecuted = true;
+ return Task.FromResult(0);
+ });
+ });
+
+ var req = new HttpRequestMessage(HttpMethod.Get, "");
+ await server.CreateClient().SendAsync(req);
+ Assert.True(assertsExecuted);
+ }
}
-}
\ No newline at end of file
+}