Windows authentication

Topics: ASP.NET 2.0
Aug 3, 2011 at 10:42 AM

Hi,

How do I enable windows authentication on the blogengine?

Aug 5, 2011 at 11:09 AM

Hi Andrew,

In the web.config, add a connectionString to your active directory and give it a unique name (i.e. ADConnStr) replacing the LDAP address with your domains Fully qualified domain name.

<connectionStrings>
    <clear/>
    <add name="BlogEngine" connectionString="Data Source=MySQLServer;User ID=user;Password=password;persist security info=False;initial catalog=BlogEngine;" providerName="System.Data.SqlClient"/>
 
    <!-- Windows AD Connection String for signle sign on-->
    <add name="ADConnStr" connectionString="LDAP://domain.com/DC=domain,DC=com"/>        
  </connectionStrings>

Next add a line in the membership section and specify the LDAP field (normally SAMAccountName) that you want to use as the user account and change the default provider to this new section.

<membership defaultProvider="ADMembershipProvider">
      <providers>
        <clear/>
         <add name="ADMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" attributeMapUsername="sAMAccountName" connectionStringName="ADConnStr" enableSearchMethods="true"/>
      </providers>
    </membership>

Next change the authentication mode switch to "Windows" under the "<system.web>" key

<authentication mode="Windows">
      <forms timeout="129600" name=".AUXBLOGENGINE" protection="All" slidingExpiration="true" loginUrl="~/Account/login.aspx" cookieless="UseCookies"/>
    </authentication>

Restart your site and when you hit the login button it will now authenticate users agaisnt your active directory.  In this configuration the role assignments are still handled by the XML role provider and so you just have to add SAMAccountName values to the various roles by editing the roles.xml file. 

If you want to bypass the login screen completley, then change your IIS settings to not allow anonymous users and only and this should automatically authenticate them.

Hope this helps,

Andy

Aug 5, 2011 at 11:22 AM

Thanks Andy! Much appreciated!

Aug 28, 2012 at 3:38 PM
Edited Aug 29, 2012 at 11:09 PM

Hi, sorry for bothering you, but Can you make it running? I'm trying to setup BlogEngine in a domain enviroment, using a MSSQL DB, and "windows authentication" which means I'll like to avoid "relogin users". I'm trying to setup as the post shows but it is still going to login.aspx and requesting user/pass, I'm adding the user to the roles.xml. Obviously Not Adminsitrator role is assigned to the domain users, Can be provided the full configuration files for checking? or are any step by step guide?

In addtion to that I was trying to get the content of Request.ServerVariables("REMOTE_USER")) inside of an asp page an the answer is "" , if I take out the web.config file from the site , the same page asp report the user logged in that server variable, so something related to the config file must be related (i guess)

 

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <configSections>
    <sectionGroup name="BlogEngine">
      <section name="blogProvider" requirePermission="false" type="BlogEngine.Core.Providers.BlogProviderSection, BlogEngine.Core" allowDefinition="MachineToApplication" restartOnExternalChanges="true" />
      <section name="blogFileSystemProvider" requirePermission="false" type="BlogEngine.Core.Providers.BlogFileSystemProviderSection, BlogEngine.Core" allowDefinition="MachineToApplication" restartOnExternalChanges="true" />
    </sectionGroup>
  </configSections>
  <BlogEngine>
    <blogProvider defaultProvider="DbBlogProvider" fileStoreProvider="XmlBlogProvider">
      <providers>
        <add description="Xml Blog Provider" name="XmlBlogProvider" type="BlogEngine.Core.Providers.XmlBlogProvider, BlogEngine.Core" />
        <add connectionStringName="BlogEngine" description="Sql Database Provider" name="DbBlogProvider" type="BlogEngine.Core.Providers.DbBlogProvider, BlogEngine.Core" />
      </providers>
    </blogProvider>
    <blogFileSystemProvider defaultProvider="XmlBlogProvider">
      <providers>
        <add description="Xml Blog Provider" name="XmlBlogProvider" type="BlogEngine.Core.Providers.XmlFileSystemProvider, BlogEngine.Core" />
        <add storageVariable="BlogEngine" description="Sql Database Provider" name="DbBlogProvider" type="BlogEngine.Core.Providers.DbFileSystemProvider, BlogEngine.Core" />
        <!--<add storageVariable="\\UNCPath\BlogFiles" description="UNC Path Provider" name="UNCBlogProvider" type="BlogEngine.Core.Providers.UNCFileSystemProvider, BlogEngine.Core" />-->
      </providers>
    </blogFileSystemProvider>
  </BlogEngine>
  <connectionStrings>
    <clear />
    <add name="BlogEngine" connectionString="Data Source=xxxxxxxx;Initial Catalog=BlogEngine;User Id=xxxxxx;Password=xxxxxx;" providerName="System.Data.SqlClient" />
    <add name="ADConnStr" connectionString="LDAP://xxxxxx.com/DC=lat,DC=xxxxx,DC=com" />
  </connectionStrings>
  <appSettings>
    <add key="BlogEngine.FileExtension" value=".aspx" />
    <!-- You can e.g. use "~/blog/" if BlogEngine.NET is not located in the root of the application -->
    <add key="BlogEngine.VirtualPath" value="~/" />
    <!-- The regex used to identify mobile devices so a different theme can be shown -->
    <add key="BlogEngine.MobileDevices" value="(iemobile|iphone|ipod|android|nokia|sonyericsson|blackberry|samsung|sec\-|windows ce|motorola|mot\-|up.b|midp\-)" />
    <!-- The name of the role with administrator permissions -->
    <add key="BlogEngine.AdminRole" value="Administrators" />
    <!-- The name of the role for anonymous(non-authenticated) users. -->
    <add key="BlogEngine.AnonymousRole" value="Anonymous" />
    <!-- The name of the role for Editors -->
    <add key="BlogEngine.EditorsRole" value="Editors" />
    <!--This value is to provide an alternative location for storing data.-->
    <add key="StorageLocation" value="~/App_Data/" />
    <!--This value is the folder name under the StorageLocation that data for blog instances will be stored in.-->
    <add key="BlogInstancesFolderName" value="blogs" />
    <!--A comma separated list of script names to hard minify. It's case-sensitive. -->
    <add key="BlogEngine.HardMinify" value="blog.js,widget.js,WebResource.axd" />
    <!--Any data grid in the admin panel should use this value for default number of items per page.-->
    <add key="BlogEngine.GenericPageSize" value="20" />
  </appSettings>
  <system.serviceModel>
    <services>
      <service behaviorConfiguration="AuthenticationServiceBehaviors" name="System.Web.ApplicationServices.AuthenticationService">
        <endpoint binding="basicHttpBinding" contract="System.Web.ApplicationServices.AuthenticationService" />
      </service>
    </services>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
    <behaviors>
      <serviceBehaviors>
        <behavior name="AuthenticationServiceBehaviors">
          <serviceMetadata httpGetEnabled="true" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
  <system.web.extensions>
    <scripting>
      <webServices>
        <authenticationService enabled="true" requireSSL="false" />
      </webServices>
    </scripting>
  </system.web.extensions>
  <system.web>
    <webServices>
      <protocols>
        <add name="HttpPost" />
        <add name="HttpGet" />
      </protocols>
    </webServices>
    <compilation debug="true" targetFramework="4.0">
      <assemblies>
        <add assembly="System.Management, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
        <add assembly="System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
        <add assembly="System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
        <add assembly="System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
        <add assembly="System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
        <add assembly="System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
        <add assembly="System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
        <add assembly="Microsoft.Web.Infrastructure, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
        <add assembly="System.Web.Razor, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
        <add assembly="System.Web.WebPages, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
        <add assembly="System.Web.WebPages.Razor, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
        <add assembly="System.Web.Helpers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
      </assemblies>
      <!-- you may need it if you have issuew with razor/ajax in admin cshtml pages
      <buildProviders>
        <add extension=".cshtml" type="System.Web.WebPages.Razor.RazorBuildProvider, System.Web.WebPages.Razor"/>
      </buildProviders>
      -->
      <expressionBuilders>
        <add expressionPrefix="LinqLength" type="BlogEngine.Core.Compilation.LinqLengthExpressionBuilder, BlogEngine.Core" />
        <add expressionPrefix="Reflect" type="BlogEngine.Core.Compilation.ReflectExpressionBuilder, BlogEngine.Core" />
        <add expressionPrefix="Session" type="BlogEngine.Core.Compilation.SessionExpressionBuilder, BlogEngine.Core" />
        <add expressionPrefix="Server" type="BlogEngine.Core.Compilation.ServerVariableExpressionBuilder, BlogEngine.Core" />
        <add expressionPrefix="QueryString" type="BlogEngine.Core.Compilation.QueryStringExpressionBuilder, BlogEngine.Core" />
        <add expressionPrefix="Code" type="BlogEngine.Core.Compilation.CodeExpressionBuilder, BlogEngine.Core" />
      </expressionBuilders>
    </compilation>
    <globalization requestEncoding="utf-8" responseEncoding="utf-8" culture="auto" uiCulture="auto" />
    <httpRuntime enableVersionHeader="false" useFullyQualifiedRedirectUrl="true" maxRequestLength="16384" executionTimeout="3600" requestLengthDiskThreshold="16384" requestValidationMode="2.0" />
    <machineKey validationKey="D9F7287EFDE8DF4CAFF79011D5308643D8F62AE10CDF30DAB640B7399BF6C57B0269D60A23FBCCC736FC2487ED695512BA95044DE4C58DC02C2BA0C4A266454C" decryptionKey="BDAAF7E00B69BA47B37EEAC328929A06A6647D4C89FED3A7D5C52B12B23680F4" validation="SHA1" decryption="AES" />
    <authentication mode="Windows"/>
      <!--forms timeout="129600" name=".AUXBLOGENGINE" protection="All" slidingExpiration="true" loginUrl="~/Account/login.aspx" cookieless="UseCookies" />
    </authentication-->
    <pages enableSessionState="false" enableViewStateMac="true" enableEventValidation="true" controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID">
      <controls>
        <add namespace="App_Code.Controls" tagPrefix="blog" />
      </controls>
    </pages>
    <customErrors mode="RemoteOnly" defaultRedirect="~/error.aspx" redirectMode="ResponseRewrite">
      <error statusCode="404" redirect="~/error404.aspx" />
    </customErrors>
    <!--<trust level="Medium"/>-->
    <membership defaultProvider="ADMembershipProvider">
      <providers>
        <clear />
        <add name="XmlMembershipProvider" type="BlogEngine.Core.Providers.XmlMembershipProvider, BlogEngine.Core" description="XML membership provider" passwordFormat="Hashed" />
        <add name="SqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="BlogEngine" applicationName="BlogEngine" />
        <add name="DbMembershipProvider" type="BlogEngine.Core.Providers.DbMembershipProvider, BlogEngine.Core" passwordFormat="Hashed" connectionStringName="BlogEngine" />
        <add name="ADMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
        attributeMapUsername="sAMAccountName" connectionStringName="ADConnStr" enableSearchMethods="true" />
      </providers>
    </membership>
    <roleManager defaultProvider="XmlRoleProvider" enabled="true" cacheRolesInCookie="false">
      <providers>
        <clear />
        <add name="XmlRoleProvider" type="BlogEngine.Core.Providers.XmlRoleProvider, BlogEngine.Core" description="XML role provider" />
        <add name="SqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="BlogEngine" applicationName="BlogEngine" />
        <add name="DbRoleProvider" type="BlogEngine.Core.Providers.DbRoleProvider, BlogEngine.Core" connectionStringName="BlogEngine" />
      </providers>
    </roleManager>
    <siteMap defaultProvider="PageSiteMap" enabled="true">
      <providers>
        <add name="PageSiteMap" description="The site map provider that reads in the .sitemap XML files." type="BlogEngine.Core.Web.Controls.PageSiteMap, BlogEngine.Core" />
        <add name="SecuritySiteMap" description="Used for authenticated users." type="BlogEngine.Core.SecuritySiteMapProvider, BlogEngine.Core" securityTrimmingEnabled="true" siteMapFile="Web.sitemap" />
      </providers>
    </siteMap>
    <httpModules>
      <add name="WwwSubDomainModule" type="BlogEngine.Core.Web.HttpModules.WwwSubDomainModule, BlogEngine.Core" />
      <add name="UrlRewrite" type="BlogEngine.Core.Web.HttpModules.UrlRewrite, BlogEngine.Core" />
      <add name="CompressionModule" type="BlogEngine.Core.Web.HttpModules.CompressionModule, BlogEngine.Core" />
      <add name="ReferrerModule" type="BlogEngine.Core.Web.HttpModules.ReferrerModule, BlogEngine.Core" />
      <add name="SecurityModule" type="BlogEngine.Core.Security, BlogEngine.Core" />
      <add name="RightModule" type="BlogEngine.Core.Right, BlogEngine.Core" />
      <!--Remove the default ASP.NET modules we don't need-->
      <remove name="PassportAuthentication" />
      <remove name="Profile" />
      <remove name="AnonymousIdentification" />
    </httpModules>
    <httpHandlers>
      <add verb="*" path="file.axd" type="BlogEngine.Core.Web.HttpHandlers.FileHandler, BlogEngine.Core" validate="false" />
      <add verb="*" path="image.axd" type="BlogEngine.Core.Web.HttpHandlers.ImageHandler, BlogEngine.Core" validate="false" />
      <add verb="*" path="syndication.axd" type="BlogEngine.Core.Web.HttpHandlers.SyndicationHandler, BlogEngine.Core" validate="false" />
      <add verb="*" path="sitemap.axd" type="BlogEngine.Core.Web.HttpHandlers.SiteMap, BlogEngine.Core" validate="false" />
      <add verb="*" path="trackback.axd" type="BlogEngine.Core.Web.HttpHandlers.TrackbackHandler, BlogEngine.Core" validate="false" />
      <add verb="*" path="pingback.axd" type="BlogEngine.Core.Web.HttpHandlers.PingbackHandler, BlogEngine.Core" validate="false" />
      <add verb="*" path="opensearch.axd" type="BlogEngine.Core.Web.HttpHandlers.OpenSearchHandler, BlogEngine.Core" validate="false" />
      <add verb="*" path="metaweblog.axd" type="BlogEngine.Core.API.MetaWeblog.MetaWeblogHandler, BlogEngine.Core" validate="false" />
      <add verb="*" path="rsd.axd" type="BlogEngine.Core.Web.HttpHandlers.RsdHandler, BlogEngine.Core" validate="false" />
      <!--<add verb="*" path="css.axd" type="BlogEngine.Core.Web.HttpHandlers.CssHandler, BlogEngine.Core" validate="false"/>-->
      <add verb="*" path="*.js.axd" type="BlogEngine.Core.Web.HttpHandlers.JavaScriptHandler, BlogEngine.Core" validate="false" />
      <add verb="*" path="*.res.axd" type="BlogEngine.Core.Web.HttpHandlers.ResourceHandler, BlogEngine.Core" validate="false" />
      <add verb="*" path="rating.axd" type="BlogEngine.Core.Web.HttpHandlers.RatingHandler, BlogEngine.Core" validate="false" />
      <add verb="*" path="opml.axd" type="BlogEngine.Core.Web.HttpHandlers.OpmlHandler, BlogEngine.Core" validate="false" />
      <add verb="*" path="blogml.axd" type="BlogEngine.Core.Web.HttpHandlers.BlogMLExportHandler, BlogEngine.Core" validate="false" />
      <add verb="*" path="sioc.axd" type="BlogEngine.Core.Web.HttpHandlers.Sioc, BlogEngine.Core" validate="false" />
      <add verb="*" path="apml.axd" type="BlogEngine.Core.Web.HttpHandlers.Apml, BlogEngine.Core" validate="false" />
      <add verb="*" path="foaf*.axd" type="BlogEngine.Core.Web.HttpHandlers.Foaf, BlogEngine.Core" validate="false" />
      <add verb="*" path="*.htm" type="System.Web.StaticFileHandler" />
    </httpHandlers>
  </system.web>
  <system.webServer>
    <validation validateIntegratedModeConfiguration="false" />
    <!-- Enable the staticContent section below to add Expires headers to images for better performance.
         Some hosting providers does not allow the staticContent section to be set. -->
    <!--
    <staticContent>
      <clientCache httpExpires="Sun, 29 Mar 2020 00:00:00 GMT" cacheControlMode="UseExpires" />
      <mimeMap fileExtension=".mp4" mimeType="video/mp4" />
    </staticContent>
    -->
    <modules runAllManagedModulesForAllRequests="true">
      <add name="WwwSubDomainModule" type="BlogEngine.Core.Web.HttpModules.WwwSubDomainModule, BlogEngine.Core" />
      <add name="UrlRewrite" type="BlogEngine.Core.Web.HttpModules.UrlRewrite, BlogEngine.Core" />
      <add name="CompressionModule" type="BlogEngine.Core.Web.HttpModules.CompressionModule, BlogEngine.Core" />
      <add name="ReferrerModule" type="BlogEngine.Core.Web.HttpModules.ReferrerModule, BlogEngine.Core" />
      <add name="SecurityModule" type="BlogEngine.Core.Security, BlogEngine.Core" />
      <add name="RightModule" type="BlogEngine.Core.Right, BlogEngine.Core" />
    </modules>
    <handlers accessPolicy="Read, Write, Script, Execute">
      <add name="FileHandler" verb="*" path="file.axd" type="BlogEngine.Core.Web.HttpHandlers.FileHandler, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <add name="ImageHandler" verb="*" path="image.axd" type="BlogEngine.Core.Web.HttpHandlers.ImageHandler, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <add name="Syndication" verb="*" path="syndication.axd" type="BlogEngine.Core.Web.HttpHandlers.SyndicationHandler, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <add name="Sitemap" verb="*" path="sitemap.axd" type="BlogEngine.Core.Web.HttpHandlers.SiteMap, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <add name="Trackback" verb="*" path="trackback.axd" type="BlogEngine.Core.Web.HttpHandlers.TrackbackHandler, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <add name="Pingback" verb="*" path="pingback.axd" type="BlogEngine.Core.Web.HttpHandlers.PingbackHandler, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <add name="OpenSearch" verb="*" path="opensearch.axd" type="BlogEngine.Core.Web.HttpHandlers.OpenSearchHandler, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <add name="MetaWeblog" verb="*" path="metaweblog.axd" type="BlogEngine.Core.API.MetaWeblog.MetaWeblogHandler, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <add name="RSD" verb="*" path="rsd.axd" type="BlogEngine.Core.Web.HttpHandlers.RsdHandler, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <!--<add name="CssHandler" verb="*" path="css.axd" type="BlogEngine.Core.Web.HttpHandlers.CssHandler, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode"/>-->
      <add name="WebResource" path="*.js.axd" verb="*" type="BlogEngine.Core.Web.HttpHandlers.JavaScriptHandler, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <add name="Resource" verb="*" path="*.res.axd" type="BlogEngine.Core.Web.HttpHandlers.ResourceHandler, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <add name="Rating" verb="*" path="rating.axd" type="BlogEngine.Core.Web.HttpHandlers.RatingHandler, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <add name="Opml" verb="*" path="opml.axd" type="BlogEngine.Core.Web.HttpHandlers.OpmlHandler, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <add name="BlogML" verb="*" path="blogml.axd" type="BlogEngine.Core.Web.HttpHandlers.BlogMLExportHandler, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <add name="SIOC" verb="*" path="sioc.axd" type="BlogEngine.Core.Web.HttpHandlers.Sioc, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <add name="Apml" verb="*" path="apml.axd" type="BlogEngine.Core.Web.HttpHandlers.Apml, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <add name="Foaf" verb="*" path="foaf*.axd" type="BlogEngine.Core.Web.HttpHandlers.Foaf, BlogEngine.Core" resourceType="Unspecified" requireAccess="Script" preCondition="integratedMode" />
      <add name="Html" path="*.htm" verb="*" type="System.Web.StaticFileHandler" resourceType="Unspecified" preCondition="integratedMode" />
      <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
      <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
    </handlers>
    <!-- Enable the httpProtocol section below to manipulate some HTTP headers.
         Some hosting providers does not allow the httpProtocol section to be set. -->
    <!--
    <httpProtocol>
      <customHeaders>
        <remove name="X-Powered-By" />
        <add name="Etag" value=" " />
      </customHeaders>
    </httpProtocol>
    -->
    <!-- enables compression in IIS 7
    <urlCompression doDynamicCompression="true" doStaticCompression="true" dynamicCompressionBeforeCache="true"/>
    -->
    <staticContent>
      <clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="365.00:00:00" cacheControlCustom="public" />
      <remove fileExtension=".ico" />
      <mimeMap fileExtension=".ico" mimeType="image/x-icon" />
    </staticContent>
  </system.webServer>
</configuration>

Thanks for all in advance