Deployment without registering management assemblies

Mar 8, 2009 at 9:43 PM
As a complete newcomer to ASP.NET I've had a lot to learn, but at long last I have CustomBasicAuthentication working on my development machine. The next step is to deploy it on my website at, but I don't think I'm able to install the management assembly or configuration schema. If I deploy my existing web.config I get the following error because the schema hasn't been registered:
The configuration section 'customBasicAuthentication' cannot be read because it is missing a section declaration 
Is there a way around this? Similarly I can't install assemblies to the GAC, but I am hoping that won't be a problem once the schema problem is resolved.

Many thanks for helping to plug this hole in ASP.NET. :)

Mar 8, 2009 at 9:50 PM
I should add that I've tried fiddling with configSections but I can't do much because the system.webServer section is already defined elsewhere. Oh what a fun weekend it's been ;)
Dec 9, 2009 at 10:25 PM
Edited Dec 9, 2009 at 10:26 PM

I had the same issue - wanting to use an xcopy deploy to a Web hosting account that does not allow me to run gacutil. I'm not an ASP.NET/IIS7 guru, so the changes I describe below may not actually be all necessary, but it got the module working for me on IIS7 on Win7. Modifications:

- Changed the main configuration section to derive from regular System.Configuration.ConfigurationSection types with attributes, removing the Microsoft.Web.Administration using clause. This was needed exactly for the reason you list - the IIS7 Microsoft.Web.Administration usage was failing when GACced assemblies were unavailable. Example:


public class CustomBasicAuthenticationSection : System.Configuration.ConfigurationSection
    public bool Enabled



- Added the config section in web.config under a new config group instead of system.webServer:


<sectionGroup name="customAuth">

<section name="customBasicAuthentication" type="LeastPrivilege.CustomBasicAuthentication.Management.CustomBasicAuthenticationSection" />



- Moved the <customBasicAuthentication> tag under the new config section:

    <customBasicAuthentication enabled="true" realm="ZoomPix Collection" providerName="WebConfigMembershipProvider" cachingEnabled="true" cachingDuration="15" requireSSL="false" />

- Changed ModuleHelper.cs IsAnonymousAllowed to always return false, meaning the site content requires a username and password.

Given all these modifications I could then xcopy-deploy the site layout from my VS compilation, and get basic auth working.

I hope this helps!


Dec 10, 2009 at 8:28 PM

Hi Erik,

Thanks for posting your solution - unfortunately I gave up long ago but hopefully it will help someone else!


Aug 2, 2010 at 8:04 AM

Hi Erik. I want to ask how did you implement that workaround.

I followed the instructions you posted but they led me to compilation errors.

These are the steps I followed (Using the latest stable code available for download):

  1. Referenced the System.Configuration assembly.
  2. From the Management module, modified CustomBasicAuthenticationSection to derive from System.Configuration.ConfigurationSection instead of Microsoft.Web.Administration.ConfigurationSection class.
  3. Added the "annotations" for each of the properties in that class. ([ConfigurationProperty("enabled")]... )
  4. Tried to clean and build, but this failed with the following errors:

Error    24    Cannot convert type 'Microsoft.Web.Administration.ConfigurationSection' to 'LeastPrivilege.CustomBasicAuthentication.Management.CustomBasicAuthenticationSection'    C:\...\CustomBasic\LeastPrivilege.CustomBasicAuthentication.Management\CustomBasicAuthenticationModuleService.cs    20    31    LeastPrivilege.CustomBasicAuthentication.Management
Error    25    'LeastPrivilege.CustomBasicAuthentication.Management.CustomBasicAuthenticationSection' does not contain a definition for 'IsLocked' and no extension method 'IsLocked' accepting a first argument of type 'LeastPrivilege.CustomBasicAuthentication.Management.CustomBasicAuthenticationSection' could be found (are you missing a using directive or an assembly reference?)    C:\...\CustomBasic\LeastPrivilege.CustomBasicAuthentication.Management\CustomBasicAuthenticationModuleService.cs    58    38    LeastPrivilege.CustomBasicAuthentication.Management

These errors make a lot of sense because the Management module uses the ConfigurationAuthenticationModuleService as a fundamental base class, an it belongs to the Microsoft.Web.Management assembly, which expects to find Microsoft.Web.Administration.ConfigurationSection hierarchy in its 'Configuration' property.

Did you make more changes to the code? How did you make it word?

I hope you could help me with this because I'm  having the same issue (no gacutil access on my hosted site).

Aug 2, 2010 at 10:23 AM

I dug up the code for this, I bet you're having trouble in CustomBasicAuthenticationModuleService.cs. I have a lot of changes in there but the first important one is that I had to modify this code to use System.Configuration to get the config section. So change from:

    ManagementConfiguration configuration = base.ManagementUnit.Configuration;
    _config = (CustomBasicAuthenticationSection)configuration.GetSection(...


    // ManagementConfiguration configuration = base.ManagementUnit.Configuration;
    _config = (CustomBasicAuthenticationSection)ConfigurationManager.GetSection(CustomBasicAuthenticationSection.SectionName);

Then you need to update GetConfiguration() to use the way System.Configuration hydrates data into a config instance:

public Dictionary<string, string> GetConfiguration()
    var config = new Dictionary<string, string>();
    config.Add("realm", Configuration.Realm);
    config.Add("providerName", Configuration.ProviderName);
    config.Add("cachingEnabled", Configuration.CachingEnabled.ToString());
    config.Add("cachingDuration", Configuration.CachingDuration.ToString());
    config.Add("requireSSL", Configuration.RequireSSL.ToString());
    return config;

And GetEnabled():

public Dictionary<string, string> GetEnabled()
    var config = new Dictionary<string, string>();
    config.Add("enabled", Configuration.Enabled.ToString());
    //config.Add("isLocked", Configuration.IsLocked.ToString());
    config.Add("isLocked", "true");
    return config;

And SetConfiguration():

        public void SetConfiguration(Dictionary<string, string> updatedValues)
            Configuration.Realm = updatedValues["realm"];
            Configuration.ProviderName = updatedValues["providerName"];
            Configuration.CachingEnabled = bool.Parse(updatedValues["cachingEnabled"]);
            Configuration.CachingDuration = int.Parse(updatedValues["cachingDuration"]);
            Configuration.RequireSSL = bool.Parse(updatedValues["requireSSL"]);

I hope this helps.



Aug 3, 2010 at 7:03 AM

Thanks a lot! It worked to build the Management module just fine.

However, there is one more couple of changes that should be done before one can deploy the module.

First, (this one is a little obvious but I think it's better to state it) change the SectionName of the CustomBasicAuthenticationSection:

       public static string SectionName = "customAuth/customBasicAuthentication";

On ModuleHelper.cs (in the Module project), change the Configuration property to look like this:


        protected CustomBasicAuthenticationSection Configuration
                if (_configuration == null)
			_configuration = (CustomBasicAuthenticationSection)System.Configuration.ConfigurationManager.GetSection(CustomBasicAuthenticationSection.SectionName);
                // TODO: error handling
                return _configuration;

Then you should rebuild both the Management and Module projects and then we can implement the solution.

I will set up a small tutorial on my blog (or somewhere else) to summarize these steps.


Aug 3, 2010 at 10:31 AM
Cool! Lemme know when you are done - and I can link that here.