WebLogin - IIS7 Installation

Note: If the "modules" section is not initially in your web.config file that is OK. The master conrfiguration from applicationHost.config should pull this in automatically.
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <location path="cosign/valid">
    <system.webServer>
      <cosign>
        <protected status="off" />
      </cosign>
    </system.webServer>
  </location>
    <system.webServer>
           <cosign>
                <protected status="on" />
                <service name="YOUR SERVICE NAME" />
           </cosign>
        <modules>
            <clear />
            <add name="HttpCacheModule" type="" preCondition="" lockItem="false" />
            <add name="StaticCompressionModule" type="" preCondition="" lockItem="false" />
            <add name="DefaultDocumentModule" type="" preCondition="" lockItem="false" />
            <add name="DirectoryListingModule" type="" preCondition="" lockItem="false" />
            <add name="IsapiFilterModule" type="" preCondition="" lockItem="false" />
            <add name="ProtocolSupportModule" type="" preCondition="" lockItem="false" />
            <add name="StaticFileModule" type="" preCondition="" lockItem="false" />
            <add name="AnonymousAuthenticationModule" type="" preCondition="" lockItem="false" />
            <add name="BasicAuthenticationModule" type="" preCondition="" lockItem="false" />
            <add name="WindowsAuthenticationModule" type="" preCondition="" lockItem="false" />
            <add name="RequestFilteringModule" type="" preCondition="" lockItem="false" />
            <add name="CustomErrorModule" type="" preCondition="" lockItem="false" />
            <add name="IsapiModule" type="" preCondition="" lockItem="false" />
            <add name="HttpLoggingModule" type="" preCondition="" lockItem="false" />
            <add name="ConfigurationValidationModule" type="" preCondition="" lockItem="false" />
            <add name="OutputCache" type="System.Web.Caching.OutputCacheModule" preCondition="managedHandler" />
            <add name="Session" type="System.Web.SessionState.SessionStateModule" preCondition="managedHandler" />
            <add name="Cosign" type="" preCondition="" />
            <add name="WindowsAuthentication" type="System.Web.Security.WindowsAuthenticationModule" preCondition="managedHandler" />
            <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" preCondition="managedHandler" />
            <add name="DefaultAuthentication" type="System.Web.Security.DefaultAuthenticationModule" preCondition="managedHandler" />
            <add name="RoleManager" type="System.Web.Security.RoleManagerModule" preCondition="managedHandler" />
            <add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule" preCondition="managedHandler" />
            <add name="FileAuthorization" type="System.Web.Security.FileAuthorizationModule" preCondition="managedHandler" />
            <add name="AnonymousIdentification" type="System.Web.Security.AnonymousIdentificationModule" preCondition="managedHandler" />
            <add name="Profile" type="System.Web.Profile.ProfileModule" preCondition="managedHandler" />
            <add name="UrlMappingsModule" type="System.Web.UrlMappingsModule" preCondition="managedHandler" />
        </modules>
        <handlers>
           <!-- Configure CosignModule.dll to handle /cosign/valid -->
           <add name="Cosign Validation" path="/cosign/valid*" verb="*" modules="Cosign" resourceType="Unspecified" />
        </handlers>
    </system.webServer>

</configuration>
web.config Full File Example
