I have followed this article to create a web.api site on my IIS. But I am getting Error 401.2 - Unauthorized. The site has anonymous access enabled, so I not sure where else should I look. Running dotnet command from the command prompt using my dll as a parameter works fine.
After messing around with the configuration I was able to get it to work.
I had to put an specifc user in the anonymous access.
Related
I've got this .net core 2.2 app, and it works locally. It's got these two main projects, PictureLink.UI and PictureLink.API.
The UI side sends requests to POST and GET from the API side via the Angular frontend.
Locally, it works just fine. When it sends a GET to the UI side, it sends to URLs like: https://localhost:44343/UI/auth/DecodeJwtPayload <-- This works
And when it tries to access the API side, it sends to URLs like:
https://localhost:44343/API/photo/GetPhotos <-- This works
Locally, it works just fine.
Then I published it, and now the URLs are like:
https://{url}/UI/auth/DecodeJwtPayload <-- This works
And when it tries to access the API side, it sends to URLs like:
https://{URL}/API/photo/GetPhotos <-- And this returns a 404
I don't understand why it would work locally during testing and then stop working when we publish it.
Some articles suggested adding services.AddControllers() to ConfigureServices in Startup, but VS is telling me that's not a valid method.
I don't even know where to start looking. Is this a routing issue? And IIS issue? An AzureDevOps issue? A config issue?
I am so. Lost.
There are many reasons for the 404 error. You can try the following methods:
1.You need to publish your website and then point IIS website to the published folder.
2.Application pool must be set to No Managed code
3.Application Pool identity user IIS AppPool\{AppPoolName} must have read permissions on the published website folder. Change the identity of your application pool to ApplicationPoolIdentity. For application pool identity there will be user account with name IIS AppPool{Applicaiton Pool name} e.g. for DefaultAppPool the user account is IIS AppPool\DefaultAppPool so you can allow read/write access to your to Applicaiton Pool user on published application folder.
If you still can’t solve your problem, please publish your controller code and web.config file.
I am working on dnn site and facing some issue related with authentication.
When i'm going to browse a url ../admin/ControlPanel/module.css, it's showing 401 - Unauthorized: Access is denied due to invalid credentials.
I have verified all the settings in IIS, still not able to understand why this error is coming.
Thanks,
Is that the only file/path that is having that problem?
I would start by checking to see if you have Basic Authentication enabled in IIS.
Make sure there isn't a virtual directory or application configured on the admin folder for some odd reason.
I don't know what am I missing about configuring spring-saml-extension and adfs. I did everything as mentioned in this guide, but IIS returns me a 403 forbidden error with this message:
You do not have permission to view this directory or page using the credentials that you supplied.
Is there anything else I need to do on IIS?
Well,
after hours researching about this I found what the problem was.
There is an ISAPI filter on
IIS -> Default Web Site
that was redirecting request to another place.
I got this by enabling httpErrors to DetailedMode:
C:\Windows\System32\inetsrv>appcmd.exe set config "Default Web Site" /section:httpErrors /errorMode:Detailed
Then, when I entered to /adfs/ls/idpinitiatedsignon.aspx, ISS throwed this screen: Http Error 403.18 - Forbidden
For more information about this, I would recomenend to see throbleshoot ISS errors like a pro
So, what I did was to remove that filter at
IIS -> Default Web Site -> ISAPI Filters
and it finally worked :)
Thanks #admdrew and #Vladimir for your help.
There are quite a lot of threads and questions about this issue. However, non-of them helped me.
I have got an MVC4 app running on IIS8 without any probblem. I need to move this app to Windows 2012 R2 Server which has IIS8.5.
Whichever user I give access to folder, I still get following exception.
HTTP Error 401.0 - Unauthorized
You do not have permission to view this directory or page.
Most likely causes:
The authenticated user does not have access to a resource needed to process the request.
Here is the error trace screenshot
Regarding IIS Site Setup, Anonymous Authentication and Forms Authentication are enabled.
Lastly, I have given Server\IIS_USERS, App Pool Account, IUSR, Server\Users readn and write access to make it work, but still same error.
Could anyone help me with this please?
Thanks.
We have a .NET application that was recently converted to .NET 4.0 and then published to IIS 6.0. When we trying going to the url without a page www.blahblahblah.com we get the following error:
Server Error in '/' Application.
Access is denied. Description: An
error occurred while accessing the
resources required to serve this
request. The server may not be
configured for access to the requested
URL.
Error message 401.2.: Unauthorized:
Logon failed due to server
configuration. Verify that you have
permission to view this directory or
page based on the credentials you
supplied and the authentication
methods enabled on the Web server.
Contact the Web server's administrator
for additional assistance.
We have IIS 6.0 site setup with a default content page going to "default.aspx". However, it seems IIS is not getting to the point of forwarding the url to this page. If we navigate directly to www.blahblahblah.com/default.aspx the page comes up with not issue and we all other functionality of the application works. If we roll back to the 3.5 version, the default page forwarding works as it should. Does anyone have any idea what is causing this?
I found the issue. Someone had put this (see below) in the authorization tag which prevented access to the website as a whole preventing IIS from forwarding to the default page, even though the page default.aspx had a location exception that allowed all users.
<authorization>
<deny users="*"/>
</authorization>