stackoom
  简体   繁体   中英

ASP.Net Form authentication 401.2 Unauthorized

 原文  2017-02-24 19:52:19       c#/ asp.net/ .net/ visual-studio

Question

I have an issue that's driving me nuts. I have created a ASP.Net project in Visual Studio 2015 with a predefined template. The target framework is 4.5

When I added Forms authentication, all I got was a 401.2 message.

This is how I configured the application: I created a Login.aspx page. Then in the web.config I added the following properties in the system.web section: 

 <authentication mode="Forms">
      <forms loginUrl="Login.aspx"
             protection="All"
             timeout="30"
             name=".ASPXAUTH"
             path="/"
             defaultUrl="Default.aspx" />
    </authentication>
    <authorization>
      <deny users="?"/>
      <allow users="*"/>
    </authorization>

I checked some other posts, but none helped me out so far:

This one is not applicable: Access is Denied - 401.2: Unauthorized Error

This one looked promising, but no cigar for my app: .NET Forms Authentication using IIS8.0 Express (vs2013) - 401.2.: Unauthorized: Logon failed due to server configuration

This one got me thinking: https://stackoverflow.com/a/35925125/980201

When I check the IIS(Express) logfile, this is what I get: 

2017-02-24 19:29:22 ::1 GET / .... - 302
2017-02-24 19:29:22 ::1 GET /Login ReturnUrl=%2f .... - 401

Where did the .aspx in Login.aspx go?

So I removed all FriendlyURL stuff, but no luck again. In a final attempt I changed my config to: 

<forms loginUrl="LoginXXX.aspx"

And this is what I got: 

2017-02-24 19:45:37 ::1 GET / ... - 302
2017-02-24 19:45:37 ::1 GET /LoginXXX.aspx ReturnUrl=%2f 57745 - 404

Why does .Net redirect to login instead of login.aspx ? Any other thoughts on my app and config file?

Thanks a lot!

Regards Roeland

Edit Some unexpected turn of events: when I start debugging in VS with Login.aspx.cs as the current tab, it fails. When I start debugging from Default.aspx.cs it works. Setting the Start Action of my project to Default.aspx solves the issue. However, when the site runs, changing the url to login.aspx makes it fail again.

Why? It doesn't make sense to me that only page that is everyone allowed to see, cannot be navigated directly.

1 answers

solution1
 -1  2017-02-24 22:42:02

If you used Visual Studio to create a default project, which you then used to enable forms authentication, then the problem is that Forms Authentication is disabled by default, because Identity Framework is the default authentication mechanism in VS 2015.

Look for the this entry in web.config 

<system.webServer>
    <modules>
        <remove name="FormsAuthentication" />
    </modules>
</system.webServer>

And remove the "remove".

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Adding Forms Authentication to ASP.Net project results in 401.2 Unauthorized? Form Authentication in ASP.net ASP.NET WebAPI Basic Authentication always fails as 401/Unauthorized ASP.NET Core Web API Authentication allowing unauthorized access how to set Form authentication in asp.net ASP.net authentication authentication in asp.net MSTeams Tab ASP.NET Core MVC App Authentication with Bearer Token Unauthorized Error stop unauthorized file download in asp.net ASP.NET, 401 - Unauthorized, Valid account
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM