Pankaj Gaur Pankaj Gaur - 2 months ago 17
ASP.NET (C#) Question

Access is Denied - 401.2: Unauthorized Error

I have an ASP.NET website hosted on IIS 7.5 as below:

I have "customwebsite.com" as the website and in it I have two Web Applications - uk & us - so that I can access these application as customwebsite.com/uk & customwebsite.com/us.

customwebsite.com directory does not have any web.config and have only two folders for web application us and uk.

Both us and uk web application have their individual web.config and have Form Authentication specified as below:

<authentication mode="Forms">
<forms loginUrl="/static/login.aspx" name="login" timeout="20"/>
</authentication>

<authorization>
<deny users="?" />
</authorization>


At this path: /static, there is a web.config with following content:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</configuration>


When I hit the root URL for us application, the Website loads correctly but if I loads from uk, I got the error as below:
enter image description here

I have checked the Folder Security, and all the required users have been granted permission and are same for both us and uk applications.

I have checked the IIS logs and below is the response codes of the request in case of failure: 401 0 0 1519 296

Can someone help me resolving this issue.

Answer

Got it resolved.

There was two more folders where the redirection of /static/login.aspx happens.

We need to allow access to all such redirecting folders by having a web.config files in those folders with below content:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.web>
        <authorization>
            <allow users="?" />
        </authorization>
    </system.web>
</configuration>
Comments