ASP.Net表单身份验证401.2未经授权
[英]ASP.Net Form authentication 401.2 Unauthorized
问题描述
I have an issue that's driving me nuts. 
我遇到一个让我发疯的问题。 I have created a ASP.Net project in Visual Studio 2015 with a predefined template. 我已经在Visual Studio 2015中使用预定义的模板创建了一个ASP.Net项目。 The target framework is 4.5 目标框架是4.5
When I added Forms authentication, all I got was a 401.2 message. 当我添加表单身份验证时,我得到的只是一条401.2消息。
This is how I configured the application: I created a Login.aspx page. 这是配置应用程序的方式:我创建了Login.aspx页面。 Then in the web.config I added the following properties in the system.web section: 然后在web.config中,在system.web部分中添加了以下属性:
<authentication mode="Forms">
<forms loginUrl="Login.aspx"
protection="All"
timeout="30"
name=".ASPXAUTH"
path="/"
defaultUrl="Default.aspx" />
</authentication>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
I checked some other posts, but none helped me out so far: 我检查了其他一些帖子,但到目前为止没有一个帮助我:
This one is not applicable: Access is Denied - 401.2: Unauthorized Error 这一项不适用: 拒绝访问-401.2:未经授权的错误
This one looked promising, but no cigar for my app: .NET Forms Authentication using IIS8.0 Express (vs2013) - 401.2.: Unauthorized: Logon failed due to server configuration 这看起来很有希望,但对我的应用程序却没有雪茄: 使用IIS8.0 Express(vs2013)的.NET表单身份验证(vs2013)-401.2 。:未经授权:由于服务器配置,登录失败
This one got me thinking: https://stackoverflow.com/a/35925125/980201 这让我开始思考: https : //stackoverflow.com/a/35925125/980201
When I check the IIS(Express) logfile, this is what I get: 当我检查IIS(Express)日志文件时,这就是我得到的:
2017-02-24 19:29:22 ::1 GET / .... - 302
2017-02-24 19:29:22 ::1 GET /Login ReturnUrl=%2f .... - 401
Where did the .aspx in Login.aspx go? Login.aspx中的.aspx在哪里?
So I removed all FriendlyURL stuff, but no luck again. 因此,我删除了所有FriendlyURL内容,但再没有运气了。 In a final attempt I changed my config to: 在最后的尝试中,我将配置更改为:
<forms loginUrl="LoginXXX.aspx"
And this is what I got: 这就是我得到的:
2017-02-24 19:45:37 ::1 GET / ... - 302
2017-02-24 19:45:37 ::1 GET /LoginXXX.aspx ReturnUrl=%2f 57745 - 404
Why does .Net redirect to login instead of login.aspx ? 为什么.Net重定向到login而不是login.aspx? Any other thoughts on my app and config file? 对我的应用程序和配置文件还有其他想法吗?
Thanks a lot! 非常感谢!
Regards Roeland 问候罗兰
Edit Some unexpected turn of events: when I start debugging in VS with Login.aspx.cs as the current tab, it fails. 编辑一些意外事件:当我使用Login.aspx.cs作为当前选项卡在VS中开始调试时,它失败。 When I start debugging from Default.aspx.cs it works. 当我从Default.aspx.cs开始调试时,它可以工作。 Setting the Start Action of my project to Default.aspx solves the issue. 将项目的“ 开始操作”设置为Default.aspx可以解决此问题。 However, when the site runs, changing the url to login.aspx makes it fail again. 但是,当网站运行时,将URL更改为login.aspx会使它再次失败。
Why? 为什么? It doesn't make sense to me that only page that is everyone allowed to see, cannot be navigated directly. 对我来说,只有每个人都可以看到的页面无法直接导航对我来说没有意义。
1 个解决方案
解决方案1
-1 2017-02-24 22:42:02
If you used Visual Studio to create a default project, which you then used to enable forms authentication, then the problem is that Forms Authentication is disabled by default, because Identity Framework is the default authentication mechanism in VS 2015. 如果使用Visual Studio创建默认项目,然后使用该默认项目启用表单身份验证,则问题是默认情况下禁用了表单身份验证,因为Identity Framework是VS 2015中的默认身份验证机制。
Look for the this entry in web.config 在web.config中查找此条目
<system.webServer>
<modules>
<remove name="FormsAuthentication" />
</modules>
</system.webServer>
And remove the "remove". 并删除“删除”。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.