No Authentication - AppGeo/GPV GitHub Wiki

This mode of GPV authentication allows for unrestricted public access. It is the default authentication mode of the GPV as delivered in the installation package.

IIS Virtual Directory Settings

Bring up the property page for the virtual directory containing your GPV instance and check the following settings:

• In Directory Security > Authentication and Access Control > Edit...
• check Enable Anonymous Access
• uncheck Integrated Windows Authentication
• In Directory Security > Secure Communications > Edit...
• uncheck Require Secure Channel (SSL)

Web.config Settings

• Make sure FormsAuthenticationMode in <appSettings> is empty or commented out.
• Uncomment all sections in <system.web> labeled No Authentication. These include:
• <authentication mode="Forms"> containing login credentials for the administrative user (see below)
• <authorization> allowing all users to access the GPV

Administrative Login

A minimal security configuration is required to enable access to the administrative tools of the GPV. This is done in the <authentication> element. As delivered, an unsecured GPV is configured with an administrative user having the user name "admin" and password "admin". You can change either of these and should at least change the password.

By default the password is specified as clear text. If you would like to protect the password, do the following:

1. In a web browser, start the Admin/Hash.aspx page of your GPV (it will not require a login).
2. Select "Generate hash for a password to be stored in Web.config".
3. Type in the desired password and click "Hash".
4. Copy the generated hash value and paste it into the password of the <user> element in the Web.config.
5. Finally, in the <credentials> element change passwordFormat to "SHA1".