All requests getting HTTP Error 401.2 - Unauthoriz

2019-02-12 23:06发布

问题:

My MVC app has, until a few minutes ago, been working fine (with asp/net membership as part of the solution). However, without knowingly changing anything relevant every request, even to my homecontroller (which doesn't have any authorization attributes etc).

I've taken all the entries out of the web.config for now relating to authorization, and I've check the applicationhost.config which has the following:

<access sslFlags="None" />

        <applicationDependencies>
            <application name="Active Server Pages" groupId="ASP" />
        </applicationDependencies>

        <authentication>

            <anonymousAuthentication enabled="true" userName="" />

            <basicAuthentication enabled="false" />

            <clientCertificateMappingAuthentication enabled="false" />

            <digestAuthentication enabled="false" />

            <iisClientCertificateMappingAuthentication enabled="false">
            </iisClientCertificateMappingAuthentication>

            <windowsAuthentication enabled="false">
                <providers>
                    <add value="Negotiate" />
                    <add value="NTLM" />
                </providers>
            </windowsAuthentication>

        </authentication>

        <authorization>
            <add accessType="Allow" users="*" />
        </authorization>

Can anyone suggest what may be causing this?

Thanks

Further information on this, I switched to using full IIS and its working fine now, so it looks like its an IIS Express issue. Any clues as to the cause? Is there no full IIS express gui other than the system tray icon?

回答1:

Option-1:

In applicationhost.config check if there is any entry as shown below. If there is any such entry change anonymousAuthetication enabled value from 'false' to 'true'.

<location path="YOUR-APPLICATION-NAME">
    <system.webServer>
        <security>
            <authentication>
                <anonymousAuthentication enabled="false" />
            </authentication>
        </security>
    </system.webServer>
</location>

Option-2:

If you are using visual studio, make sure that anonymousAuthentication is enabled.



回答2:

This defeats the purpose -- if you enable anonymous auth, you are no longer using Active Directory... here is a better answer ....

HTTP Error 401.2 - Unauthorized for new site in a working app pool