Access is Denied - 401.2: Unauthorized Error
Solution 1
Got it resolved.
There was two more folders where the redirection of /static/login.aspx happens.
We need to allow access to all such redirecting folders by having a web.config files in those folders with below content:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</configuration>
Solution 2
Ran into this same error, but had a different resolution. In our case we had to set:
<machineKey compatibilityMode="Framework45" />
Details here: http://ardalis.com/asp-net-shared-authentication-problem-solved
Solution 3
In our case we had an error on the login page that redirected to the an error page that the user did not have rights to see, so it redirected to the login page... cycle rinse repeat.
We removed all the controls from the UI, then added them back one by one until the page crashed. Then we could narrow down the controls that had an error.
And yes, we gave all users access to the error page.
Related videos on Youtube
01 : 02
01 : 21
07 : 20
06 : 59
00 : 38
01 : 09
03 : 51
06 : 02
Pankaj Gaur
Around 12 years of experience in Software Development Life Cycle using AGILE, Iterative and RUP approaches. Hand-on experience in following: CMS packages: SDL Tridion, Umbraco, Kentico,Wordpress and Alfresco Search Engines: SOLR, AWS Cloud Search, Elastic Search .NET Technologies: .NET & .NET CE Framework, ASP.NET, ASP.NET MVC, WCF, WinForms Mobile Development: Android Native App, Windows Mobile App Database: MS-SQL Server, MySQL Program Management: JIRA, MS-Project Design Tools: MS-Visio, StarUML Have decent knowledge about Core Java, Spring MVC etc. Instrumental in Application Architecture, Designing (HLD & LLD), Coding and deployment .NET applications (Web, Desktop, Mobile). Experience in following domain: Digital Media & eCommerce Travel & Hospitality Aviation Industry Education Insurance Automation Automobile Railways Freelance trainer and consultant in .NET, CMS, SDL Tridion, Alfresco and soft skills like business communication, e-mail etiquette etc. Education: Bachelor Degree in Computer Engineering and Post Graduate Diploma in Business Administration with specialization in Marketing
Updated on June 04, 2022Comments
-
Pankaj Gaur almost 2 years
I have an ASP.NET website hosted on IIS 7.5 as below:
I have "customwebsite.com" as the website and in it I have two Web Applications - uk & us - so that I can access these application as customwebsite.com/uk & customwebsite.com/us.
customwebsite.com directory does not have any web.config and have only two folders for web application us and uk.
Both us and uk web application have their individual web.config and have Form Authentication specified as below:
<authentication mode="Forms"> <forms loginUrl="/static/login.aspx" name="login" timeout="20"/> </authentication> <authorization> <deny users="?" /> </authorization>At this path: /static, there is a web.config with following content:
<?xml version="1.0" encoding="UTF-8"?> <configuration> <system.web> <authorization> <allow users="?" /> </authorization> </system.web> </configuration>When I hit the root URL for us application, the Website loads correctly but if I loads from uk, I got the error as below:
I have checked the Folder Security, and all the required users have been granted permission and are same for both us and uk applications.
I have checked the IIS logs and below is the response codes of the request in case of failure: 401 0 0 1519 296
Can someone help me resolving this issue.