Answered by:
Cannot Authenticate User on Web Site that Has Worked for Years
Question
-
User-748031297 posted
Windows Server 2008 R2. IIS 7.x. Visual Developer 2013 Ultimate.
(Edited: isn't there a configuration window you use in VS when you set up a web site that tells VS how to authenticate? How do I get to that in VS 2013?)
I am in the process of updating a web site that has been running fine for years. I have no problem debugging it in Visual Studio 2012. I just moved it into VS2013 and upgraded to .NET framework 4.x from .NET Framework 2.0. In the process, I rebuilt the Web.config file, trying to maintain the authentication settings from the old site. I have included the Web.config below. I get an "Access denied" error page when I try to display (from VS2013) the Default.aspx file. The error is as follows:
Server Error in '/' Application.
Access is denied.
Description: An error occurred while accessing the resources required to serve this request. The server may not be configured for access to the requested URL.
Error message 401.2.: Unauthorized: Logon failed due to server configuration. Verify that you have permission to view this directory or page based on the credentials you supplied and the authentication methods enabled on the Web server. Contact the Web server's administrator for additional assistance.
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.18446
The Web.config file in the root directory is as follows:
<?xml version="1.0" encoding="utf-8"?> <!-- For more information on how to configure your ASP.NET application, please visit http://go.microsoft.com/fwlink/?LinkId=169433 --> <configuration> <configSections> <!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 --> <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" /> </configSections> <connectionStrings> <add name="ExtranetConnectionString" connectionString="Data Source=GNWeb.goodnewsjail.org;Initial Catalog=Extranet;User Id=goodnews_intranet;Password=xxx" providerName="System.Data.SqlClient"/> <add name="Good_News_FEConnectionString" connectionString="Data Source=GNFinance.goodnewsjail.org;Initial Catalog=Good_News_FE;User Id=FEOPEN7;Password=xx" providerName="System.Data.SqlClient"/> <add name="Good_News_REConnectionString" connectionString="Data Source=GNFinance.goodnewsjail.org;Initial Catalog=Good_News_RE;User Id=reopen;Password=xx" providerName="System.Data.SqlClient"/> <add name="GoodNews_RestrictedConnectionString" connectionString="Data Source=gnweb.goodnewsjail.org;Initial Catalog=GoodNews;Persist Security Info=True;User ID=goodnews_restricted;Password=xxx" providerName="System.Data.SqlClient"/> </connectionStrings> <system.web> <customErrors mode="Off"/> <authentication mode="Windows"/> <compilation debug="true" targetFramework="4.5" /> <httpRuntime targetFramework="4.5" /> <pages> <namespaces> </namespaces> <controls> <add assembly="Microsoft.AspNet.Web.Optimization.WebForms" namespace="Microsoft.AspNet.Web.Optimization.WebForms" tagPrefix="webopt" /> </controls> </pages> <siteMap defaultProvider="MainSiteMap"> <providers> <add name="MainSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Main.sitemap"/> <add name="AdminSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Admin.sitemap"/> <add name="EditorSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Editor.sitemap"/> <add name="ExecSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Exec.sitemap"/> <add name="FinanceSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Finance.sitemap"/> <add name="RDSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/RD.sitemap"/> <add name="ChaplainSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Chaplain.sitemap"/> <add name="AdvancementSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Advancement.sitemap"/> <add name="SEStaffSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/SEStaff.sitemap"/> <add name="StaffSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Staff.sitemap"/> <add name="PCSSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/PCS.sitemap"/> <add name="AdminAsstSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/AdminAsst.sitemap"/> <add name="ContractorSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Contractor.sitemap"/> <add name="OtherSiteMap" type="System.Web.XmlSiteMapProvider" siteMapFile="~/Extranet/MasterPages/Sitemaps/Other.sitemap"/> </providers> </siteMap> <sessionState mode="InProc" customProvider="DefaultSessionProvider"> <providers> <add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" /> </providers> </sessionState> </system.web> <system.webServer> <modules> <remove name="FormsAuthenticationModule" /> </modules> </system.webServer> <runtime> <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> <dependentAssembly> <assemblyIdentity name="WebGrease" culture="neutral" publicKeyToken="31bf3856ad364e35" /> <bindingRedirect oldVersion="0.0.0.0-1.5.2.14234" newVersion="1.5.2.14234" /> </dependentAssembly> </assemblyBinding> </runtime> <entityFramework> <defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework" /> <providers> <provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" /> </providers> </entityFramework> </configuration>I also have a Web.config in the subdirectory "Extranet," as this is the secure directory (https:) and contains all the files for the site. The root directory only has the index.htm (which redirects to the Extranet folder) and the Web.Config file shown above. Here is the Web.config in the Extranet folder:
<?xml version="1.0"?> <!-- Note: As an alternative to hand editing this file you can use the web admin tool to configure settings for your application. Use the Website->Asp.Net Configuration option in Visual Studio. A full list of settings and comments can be found in machine.config.comments usually located in \Windows\Microsoft.Net\Framework\v4.x\Config --> <configuration> <location path="Extranet/Images/PublicImages"> <system.web> <compilation debug="true" strict="false" explicit="true" targetFramework="4.5" /> <httpRuntime targetFramework="4.5" /> <authorization> <allow users="*"/> </authorization> </system.web> </location> <location path="Extranet/Temp Files"> <system.web> <authorization> <allow users="*"/> </authorization> </system.web> </location> <location path="Index.htm"> <system.web> <authorization> <allow users="*"/> </authorization> </system.web> </location> <appSettings/> <connectionStrings> <add name="ExtranetConnectionString" connectionString="Data Source=GNWeb.goodnewsjail.org;Initial Catalog=Extranet;User Id=goodnews_intranet;Password=xxx" providerName="System.Data.SqlClient"/> <add name="Good_News_FEConnectionString" connectionString="Data Source=GNFinance.goodnewsjail.org;Initial Catalog=Good_News_FE;User Id=FEOPEN7;Password=xx" providerName="System.Data.SqlClient"/> <add name="Good_News_REConnectionString" connectionString="Data Source=GNFinance.goodnewsjail.org;Initial Catalog=Good_News_RE;User Id=reopen;Password=xx" providerName="System.Data.SqlClient"/> <add name="GoodNews_RestrictedConnectionString" connectionString="Data Source=gnweb.goodnewsjail.org;Initial Catalog=GoodNews;Persist Security Info=True;User ID=goodnews_restricted;Password=xxx" providerName="System.Data.SqlClient"/> </connectionStrings> <system.web> <identity impersonate="true" /> <httpRuntime executionTimeout="36000" maxRequestLength="32768"/> <!-- Allow files up to 32768 KB to be uploaded --> <!-- Set compilation debug="true" to insert debugging symbols into the compiled page. Because this affects performance, set this value to true only during development. --> <compilation debug="true"> </compilation> <!-- The <authentication> section enables configuration of the security authentication mode used by ASP.NET to identify an incoming user. --> <!-- <authentication mode="Windows"> </authentication> --> <authorization> <deny users="?"/> <allow users="*"/> </authorization> <!-- The <customErrors> section enables configuration of what to do if/when an unhandled error occurs during the execution of a request. Specifically, it enables developers to configure html error pages to be displayed in place of a error stack trace. --> <customErrors mode="RemoteOnly" defaultRedirect="GNError.aspx"> <error statusCode="403" redirect="NoAccess.htm"/> <error statusCode="404" redirect="FileNotFound.htm"/> </customErrors> <!--The following sets the session idle timeout, when is person is autologged off--> <!-- <sessionState timeout="20"/> --> <!--The following makes sure that scrolling position is maintained after postback on ALL pages.--> <pages maintainScrollPositionOnPostBack="true" theme="LightBlue"></pages> </system.web> </configuration>Monday, July 14, 2014 12:02 PM
Answers
-
User-1818759697 posted
Hi,
When you try to visit a Web page that is hosted on Internet Information Services (IIS) 7.0, you may receive the following error message: "Error message 401.2.: Unauthorized: Logon failed due to server configuration......".
To resolve this problem, follow these steps.
Step 1: Turn on the Windows Authentication feature
- Click Start, type control panel in the Start Search box, and then click Control Panel in the Programs list.
- Click Programs and Features, and then click Turn Windows features on or off.
- Expand Internet Information Services, expand World Wide Web Services, and then expand Security.
- Click to select the Windows Authentication check box, and then click OK.
Step 2: Add the Integrated Windows authentication native module in IIS Manager
- Click Start, type Inetmgr in the Start Search box, and then click
Inetmgr in the Programs list.
If you are prompted for an administrator password or for a confirmation, type the password, or click Continue. - In the Connections pane, expand the computer that is running IIS 7.0, expand Web Sites, and then click Default Web Site.
- On the Default Web Site Home page, double-click Modules.
- In the Actions pane, click Add Native Module.
- In the Add Native Module dialog box, click to select the WindowsAuthenticationModule check box, and then click OK.
Resolution 2
Configure the Web application to use at least one authentication method. To do this, follow these steps:
- Click Start, type Inetmgr in the Start Search box, and then click
Inetmgr in the Programs list.
If you are prompted for an administrator password or for a confirmation, type the password, or click Continue. - In the Connections pane, expand the computer that is running IIS 7.0, expand Web Sites, and then click Default Web Site.
- On the Default Web Site Home page, double-click Authentication.
- Click one of the authentication methods, and then click Enable in the Actions pane.
For detailed information, you could refer to:
http://support.microsoft.com/kb/942043
Regards
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Tuesday, July 15, 2014 5:20 AM
