All requests getting HTTP Error 401.2 - Unauthorized response

asp.net-mvc iis security iis-express
24,517

Option-1:

In applicationhost.config check if there is any entry as shown below. If there is any such entry change anonymousAuthetication enabled value from 'false' to 'true'.

<location path="YOUR-APPLICATION-NAME">
    <system.webServer>
        <security>
            <authentication>
                <anonymousAuthentication enabled="false" />
            </authentication>
        </security>
    </system.webServer>
</location>

Option-2:

If you are using visual studio, make sure that anonymousAuthentication is enabled. enter image description here

Share:
24,517
LDJ
Author by

LDJ

Updated on July 05, 2022

Comments

  • LDJ
    LDJ almost 2 years

    My MVC app has, until a few minutes ago, been working fine (with asp/net membership as part of the solution). However, without knowingly changing anything relevant every request, even to my homecontroller (which doesn't have any authorization attributes etc).

    I've taken all the entries out of the web.config for now relating to authorization, and I've check the applicationhost.config which has the following:

    <access sslFlags="None" />

        <applicationDependencies>
            <application name="Active Server Pages" groupId="ASP" />
        </applicationDependencies>

        <authentication>

            <anonymousAuthentication enabled="true" userName="" />

            <basicAuthentication enabled="false" />

            <clientCertificateMappingAuthentication enabled="false" />

            <digestAuthentication enabled="false" />

            <iisClientCertificateMappingAuthentication enabled="false">
            </iisClientCertificateMappingAuthentication>

            <windowsAuthentication enabled="false">
                <providers>
                    <add value="Negotiate" />
                    <add value="NTLM" />
                </providers>
            </windowsAuthentication>

        </authentication>

        <authorization>
            <add accessType="Allow" users="*" />
        </authorization>

    Can anyone suggest what may be causing this?

    Thanks

    Further information on this, I switched to using full IIS and its working fine now, so it looks like its an IIS Express issue. Any clues as to the cause? Is there no full IIS express gui other than the system tray icon?

  • Tim Lewis
    Tim Lewis almost 10 years
    Or if you want to use the built-in Active Directory authentication, change the "Windows Authentication" to Enabled, and leave "Anonymous Authentication" Disabled.
  • Eric D. Johnson
    Eric D. Johnson about 8 years
    I had something similar with Windows Authentication, and had to change like in your pic above in my projects Properties pane from Disabled to Enabled and bingo, it was good.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

IIS Express Enable External Request - 503
Connection Reset error trying to set up HTTPS locally using VS and IIS Express
Web.Config might be “unreadable”
What are the security effects of giving the IIS_IUSRS a Full Control permission?
IIS Express gives Access Denied error when debugging ASP.NET MVC
Dots in URL causes 404 with ASP.NET mvc and IIS
Forms authentication with requireSSL=true not returning cookie with Secure attribute
aspnetcore.dll failed to load
stopping ZmEu attacks with ASP.NET MVC
Enable HTTP Strict Transport Security (HSTS) in Azure WebRoles