locked
Cannot Authenticate User on Web Site that Has Worked for Years RRS feed

  • Question

  • User-748031297 posted

    Windows Server 2008 R2.  IIS 7.x.  Visual Developer 2013 Ultimate.

    (Edited:  isn't there a configuration window you use in VS when you set up a web site that tells VS how to authenticate?  How do I get to that in VS 2013?)

    I am in the process of updating a web site that has been running fine for years.  I have no problem debugging it in Visual Studio 2012.  I just moved it into VS2013 and upgraded to .NET framework 4.x from .NET Framework 2.0.  In the process, I rebuilt the Web.config file, trying to maintain the authentication settings from the old site.  I have included the Web.config below.  I get an "Access denied" error page when I try to display (from VS2013) the Default.aspx file.  The error is as follows:

    Server Error in '/' Application.


    Access is denied.

                 Description: An error occurred while accessing the resources required to serve this request. The server may not be configured for access to the requested URL.            
    Error message 401.2.: Unauthorized: Logon failed due to server configuration.  Verify that you have permission to view this directory or page based on the credentials you supplied and the authentication methods enabled on the Web server.  Contact the Web server's administrator for additional assistance.


    Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.18446

    The Web.config file in the root directory is as follows:

    <?xml version="1.0" encoding="utf-8"?>
    <!--
      For more information on how to configure your ASP.NET application, please visit
      http://go.microsoft.com/fwlink/?LinkId=169433
      -->
    <configuration>
      <configSections>
        <!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
        <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
      </configSections>
      <connectionStrings>
        <add name="ExtranetConnectionString" connectionString="Data Source=GNWeb.goodnewsjail.org;Initial Catalog=Extranet;User Id=goodnews_intranet;Password=xxx" providerName="System.Data.SqlClient"/>
        <add name="Good_News_FEConnectionString" connectionString="Data Source=GNFinance.goodnewsjail.org;Initial Catalog=Good_News_FE;User Id=FEOPEN7;Password=xx" providerName="System.Data.SqlClient"/>
        <add name="Good_News_REConnectionString" connectionString="Data Source=GNFinance.goodnewsjail.org;Initial Catalog=Good_News_RE;User Id=reopen;Password=xx" providerName="System.Data.SqlClient"/>
        <add name="GoodNews_RestrictedConnectionString" connectionString="Data Source=gnweb.goodnewsjail.org;Initial Catalog=GoodNews;Persist Security Info=True;User ID=goodnews_restricted;Password=xxx" providerName="System.Data.SqlClient"/>
      </connectionStrings>
      <system.web>
        <customErrors mode="Off"/>
        <authentication mode="Windows"/>
        <compilation debug="true" targetFramework="4.5" />
        <httpRuntime targetFramework="4.5" />
        <pages>
          <namespaces>
          </namespaces>
          <controls>
            <add assembly="Microsoft.AspNet.Web.Optimization.WebForms" namespace="Microsoft.AspNet.Web.Optimization.WebForms" tagPrefix="webopt" />
          </controls>
        </pages>
        <siteMap defaultProvider="MainSiteMap">
          <providers>
            <add name="MainSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Main.sitemap"/>
            <add name="AdminSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Admin.sitemap"/>
            <add name="EditorSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Editor.sitemap"/>
            <add name="ExecSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Exec.sitemap"/>
            <add name="FinanceSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Finance.sitemap"/>
            <add name="RDSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/RD.sitemap"/>
            <add name="ChaplainSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Chaplain.sitemap"/>
            <add name="AdvancementSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Advancement.sitemap"/>
            <add name="SEStaffSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/SEStaff.sitemap"/>
            <add name="StaffSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Staff.sitemap"/>
            <add name="PCSSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/PCS.sitemap"/>
            <add name="AdminAsstSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/AdminAsst.sitemap"/>
            <add name="ContractorSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Contractor.sitemap"/>
            <add name="OtherSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Other.sitemap"/>
          </providers>
        </siteMap>
        <sessionState mode="InProc" customProvider="DefaultSessionProvider">
          <providers>
            <add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" />
          </providers>
        </sessionState>
      </system.web>
      <system.webServer>
        <modules>
          <remove name="FormsAuthenticationModule" />
        </modules>
      </system.webServer>
      <runtime>
        <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
          <dependentAssembly>
            <assemblyIdentity name="WebGrease" culture="neutral" publicKeyToken="31bf3856ad364e35" />
            <bindingRedirect oldVersion="0.0.0.0-1.5.2.14234" newVersion="1.5.2.14234" />
          </dependentAssembly>
        </assemblyBinding>
      </runtime>
      <entityFramework>
        <defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework" />
        <providers>
          <provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" />
        </providers>
      </entityFramework>
    </configuration>

    I also have a Web.config in the subdirectory "Extranet," as this is the secure directory (https:) and contains all the files for the site.  The root directory only has the index.htm (which redirects to the Extranet folder) and the Web.Config file shown above.  Here is the Web.config in the Extranet folder:

    <?xml version="1.0"?>
    <!-- 
        Note: As an alternative to hand editing this file you can use the 
        web admin tool to configure settings for your application. Use
        the Website->Asp.Net Configuration option in Visual Studio.
        A full list of settings and comments can be found in 
        machine.config.comments usually located in 
        \Windows\Microsoft.Net\Framework\v4.x\Config 
    -->
    <configuration>
      <location path="Extranet/Images/PublicImages">
    		<system.web>
          <compilation debug="true" strict="false" explicit="true" targetFramework="4.5" />
          <httpRuntime targetFramework="4.5" />
          <authorization>
    				<allow users="*"/>
    			</authorization>
    		</system.web>
    	</location>
    	<location path="Extranet/Temp Files">
    		<system.web>
    			<authorization>
    				<allow users="*"/>
    			</authorization>
    		</system.web>
    	</location>
        <location path="Index.htm">
    		<system.web>
    			<authorization>
    				<allow users="*"/>
    			</authorization>
    		</system.web>
    	</location>
    	<appSettings/>
    	<connectionStrings>
    		    <add name="ExtranetConnectionString" connectionString="Data Source=GNWeb.goodnewsjail.org;Initial Catalog=Extranet;User Id=goodnews_intranet;Password=xxx" providerName="System.Data.SqlClient"/>
            <add name="Good_News_FEConnectionString" connectionString="Data Source=GNFinance.goodnewsjail.org;Initial Catalog=Good_News_FE;User Id=FEOPEN7;Password=xx" providerName="System.Data.SqlClient"/>
            <add name="Good_News_REConnectionString" connectionString="Data Source=GNFinance.goodnewsjail.org;Initial Catalog=Good_News_RE;User Id=reopen;Password=xx" providerName="System.Data.SqlClient"/>
            <add name="GoodNews_RestrictedConnectionString" connectionString="Data Source=gnweb.goodnewsjail.org;Initial Catalog=GoodNews;Persist Security Info=True;User ID=goodnews_restricted;Password=xxx" providerName="System.Data.SqlClient"/>
      </connectionStrings>
    	<system.web>
            <identity impersonate="true" />
            <httpRuntime executionTimeout="36000" maxRequestLength="32768"/> <!-- Allow files up to 32768 KB to be uploaded -->
            <!-- 
                Set compilation debug="true" to insert debugging 
                symbols into the compiled page. Because this 
                affects performance, set this value to true only 
                during development.
            -->
    		<compilation debug="true">
        </compilation>
    		<!--
                The <authentication> section enables configuration 
                of the security authentication mode used by 
                ASP.NET to identify an incoming user. 
            -->
            <!--		<authentication mode="Windows">
    		</authentication> -->
    		<authorization>
                <deny users="?"/>
    			<allow users="*"/>
    		</authorization>
    		<!--
                The <customErrors> section enables configuration 
                of what to do if/when an unhandled error occurs 
                during the execution of a request. Specifically, 
                it enables developers to configure html error pages 
                to be displayed in place of a error stack trace.
            -->
    		<customErrors mode="RemoteOnly" defaultRedirect="GNError.aspx">
    			<error statusCode="403" redirect="NoAccess.htm"/>
    			<error statusCode="404" redirect="FileNotFound.htm"/>
    		</customErrors>
            <!--The following sets the session idle timeout, when is person is autologged off-->
            <!-- <sessionState timeout="20"/> -->
            <!--The following makes sure that scrolling position is maintained after postback on ALL pages.-->
            <pages maintainScrollPositionOnPostBack="true" theme="LightBlue"></pages>
        </system.web>
    </configuration>
    

     

    Monday, July 14, 2014 12:02 PM

Answers

  • User-1818759697 posted

    Hi,

    When you try to visit a Web page that is hosted on Internet Information Services (IIS) 7.0, you may receive the following error message: "Error message 401.2.: Unauthorized: Logon failed due to server configuration......".

    To resolve this problem, follow these steps.

    Step 1: Turn on the Windows Authentication feature

    1. Click Start, type control panel in the Start Search box, and then click Control Panel in the Programs list.
    2. Click Programs and Features, and then click Turn Windows features on or off.
    3. Expand Internet Information Services, expand World Wide Web Services, and then expand Security.
    4. Click to select the Windows Authentication check box, and then click OK.

    Step 2: Add the Integrated Windows authentication native module in IIS Manager

    1. Click Start, type Inetmgr in the Start Search box, and then click Inetmgr in the Programs list. 
      If you are prompted for an administrator password or for a confirmation, type the password, or click Continue.
    2. In the Connections pane, expand the computer that is running IIS 7.0, expand Web Sites, and then click Default Web Site.
    3. On the Default Web Site Home page, double-click Modules.
    4. In the Actions pane, click Add Native Module.
    5. In the Add Native Module dialog box, click to select the WindowsAuthenticationModule check box, and then click OK.

    Resolution 2

    Configure the Web application to use at least one authentication method. To do this, follow these steps:

    1. Click Start, type Inetmgr in the Start Search box, and then click Inetmgr in the Programs list. 
      If you are prompted for an administrator password or for a confirmation, type the password, or click Continue.
    2. In the Connections pane, expand the computer that is running IIS 7.0, expand Web Sites, and then click Default Web Site.
    3. On the Default Web Site Home page, double-click Authentication.
    4. Click one of the authentication methods, and then click Enable in the Actions pane.

    For detailed information, you could refer to:

    http://support.microsoft.com/kb/942043

    Regards

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, July 15, 2014 5:20 AM