none
Get 401 authorization error when accessing Https website RRS feed

  • Question

  • The site uses windows authentication. When I access the website, a dialog popup to acquire user name and password. I input my alias with domain and password. The dialog popups 3 times. After that, I get an error 401 described as following,

    "401 - unauthorized: Access is denied due to invalid credentials. You do not have permission to view this directory or page that using the credentials that you supplied"

    I could access the website before, the error has been happening recently. I wonder whether some configuration changes on my computer resulting this problem? Any replies are appreciated!

    Following is information from event viewer of the server where the website locates. Why security ID is "NULL SID".

    An account failed to log on.

    Subject:

    Security ID: NULL SID

    Account Name: -

    Account Domain: -

    Logon ID: 0x0

    Logon Type: 3

    Account For Which Logon Failed:

    Security ID: NULL SID

    Account Name: myalias

    Account Domain: mydomain

    Failure Information:

    Failure Reason: An Error occured during Logon.

    Status: 0xc000035b

    Sub Status: 0x0

    Process Information:

    Caller Process ID: 0x0

    Caller Process Name: -

    Network Information:

    Workstation Name: KATE-24790181

    Source Network Address: -

    Source Port: -

    Detailed Authentication Information:

    Logon Process:

    Authentication Package: NTLM

    Transited Services: -

    Package Name (NTLM only): -

    Key Length: 0

    This event is generated when a logon request fails. It is generated on the computer where access was attempted.

    The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

    The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).

    The Process Information fields indicate which account and process on the system requested the logon.

    The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

    The authentication information fields provide detailed information about this specific logon request.

    - Transited services indicate which intermediate services have participated in this logon request.

    - Package name indicates which sub-protocol was used among the NTLM protocols.

    - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.

    Thursday, December 20, 2012 6:05 AM

Answers

  • First, it is sometimes hard to tell exactly where in a network blocking is occuring.    When making a connection you often are going through multiple servers each having different group policies, credentials, and passwords.   Often in a company network the credentials are shared between servers, but the updates to the credentials may take up to 24 hours before all servers in a company to get updated after you change a password.  You also may have problems with a certificate expiring and needs to be renewed.  Watch the URL box of your browser to see if it changes colors.  When it changes colors it is a indication of a certificate being used.

    When a POP occurs 3 times asking for credentials, you don't know if the message is coming from 1 server, or you get through 1 server with your credentials and then get the same message occurs from a 2nd server.  Always check the box on the Pop up to remember the the password.  You may need to use a different set of credentials (user id and password) on different servers.

    Each server on your connection may have a different firewall that may be blocking your connection.  Firewalls can block a copnnection based on may factors like port number, certificiates, IP address (or URL), encryption (Https, SSL, TLS) and contents.  Your webbrowser may be using HTTP1.0 and the server is requiring HTTP1.1.  Check you webbrows Tools-Options-Advance Security settings.

    Webpages have headers which contain the type of contents at a website.  When a connection is made to a webpage the firewall program look at these headers and may block a connection based on the contents.  You don't know if the firewall has added new blockers for contents or even the webpage that you are connecting to has added new headers.  The headers are used for two puposes.  The search engines use the header to find websites, and the Firewalls use the headers to block access.


    jdweng

    Friday, December 21, 2012 9:34 AM

All replies

  • I is possible that a firewall had been added to block the website.  The other possibilities is a webbrowser setting in the advance tab "Security " security section has changed, the website was added as a blocked site, or the security level has changed.  Sometimes the websites add tags to the type of material at the website and then the webbrowser starts to block the website because of the security level settings of the webbrowser.  I normally first shutdown my webbrowsers and Delete Browsing History (cookies, temporary files) to delete and spam that may be causing the issues.

    jdweng

    Thursday, December 20, 2012 10:24 AM
  • "I is possible that a firewall had been added to block the website. "

    Could you please provide more details on this? how is a firewall added to block the website?

    Friday, December 21, 2012 7:24 AM
  • First, it is sometimes hard to tell exactly where in a network blocking is occuring.    When making a connection you often are going through multiple servers each having different group policies, credentials, and passwords.   Often in a company network the credentials are shared between servers, but the updates to the credentials may take up to 24 hours before all servers in a company to get updated after you change a password.  You also may have problems with a certificate expiring and needs to be renewed.  Watch the URL box of your browser to see if it changes colors.  When it changes colors it is a indication of a certificate being used.

    When a POP occurs 3 times asking for credentials, you don't know if the message is coming from 1 server, or you get through 1 server with your credentials and then get the same message occurs from a 2nd server.  Always check the box on the Pop up to remember the the password.  You may need to use a different set of credentials (user id and password) on different servers.

    Each server on your connection may have a different firewall that may be blocking your connection.  Firewalls can block a copnnection based on may factors like port number, certificiates, IP address (or URL), encryption (Https, SSL, TLS) and contents.  Your webbrowser may be using HTTP1.0 and the server is requiring HTTP1.1.  Check you webbrows Tools-Options-Advance Security settings.

    Webpages have headers which contain the type of contents at a website.  When a connection is made to a webpage the firewall program look at these headers and may block a connection based on the contents.  You don't know if the firewall has added new blockers for contents or even the webpage that you are connecting to has added new headers.  The headers are used for two puposes.  The search engines use the header to find websites, and the Firewalls use the headers to block access.


    jdweng

    Friday, December 21, 2012 9:34 AM