stackoom
  简体   繁体   中英

Access denied (401.2) when loading default documents using Owin with Identity 2.0

 原文  2021-09-24 21:50:04       authentication/ iis/ forms-authentication/ document/ identity

Question

We recently converted a Framework 4.8 WebForms project that was using Forms Authentication to use Identity 2.0 Authentication and now we can't access default documents or images without allowing anonymous access.

Once authenticated with Identity, if you browse to a folder such as http://mysite/dashboard/default.aspx it works fine. However, if the default page is not in the path as in http://mysite/dashboard/ it returns 401.2 as though IIS needs permissions to server the page:

*Access is denied. Description: An error occurred while accessing the resources required to serve this request. The server may not be configured for access to the requested URL.

Error message 401.2.: Unauthorized: Logon failed due to server configuration. Verify that you have permission to view this directory or page based on the credentials you supplied and the authentication methods enabled on the Web server. Contact the Web server's administrator for additional assistance.*

We have <authentication mode="None"> which I understand is correct for this situation. IIS is configured to use default documents just as it was when we were using Forms Authentication.

We also deny unauthenticated users with the System.Web.Security.UrlAuthorizationModule :

<authorization>
      <deny users="?" />
</authorization>

If we allow anonymous on the folder it does work but we don't what anonymous access on these locations.

<location path="Dashboard">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

So, how do you configure IIS to access default documents without 'allow anonymous' so it works like it did under Forms Authentication.

Thanks!!!

2 answers

solution1
 0  2021-09-27 06:22:45

Try to add this to the System.Webserver section

<modules>
  <remove name="FormsAuthentication"/>
   <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule"  />
</modules>

The key seems to be to remove the managedHandler Precondition from the FormsAuthentication module. As I understand it this is only supposed to optimize serving of static content.

solution2
 0  2021-10-02 19:43:16

Found that adding <modules runAllManagedModulesForAllRequests="true"> to the web.config resolved the issues. Not really sure why at this point. I did notice that the request for a static file did not include the user identity which was working before removing Forms Authentication. After adding this, the user identity started showing up in the request.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Getting HTTP 401.2 Unauthorized when porting old Web Forms to OWIN IIS 6: Getting 401.2 access denied with anonymous authentication enabled Angular Autentication Service using Owin and Identity and JWT 401.2 error only with Anonymous Access How to implement OWIN bearer token based authentication without using Identity? Custom error page when using Owin MVC Owin Identity 2 CheckPasswordAsync() will not execute Am I getting this error because I'm using SSO? “Error loading state: AccessDenied: Access Denied status code: 403”? External Login without using identity asp.net core 2.0 MVC5 Identity/OWIN - Signout events
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM