问题
I am using IIS Express to deploy MVC4 application. This website runs perfectly on same computer. But in Lan it gives me error 401.
<authentication mode="Forms">
<forms loginUrl="~/" slidingExpiration="true" timeout="20">
</forms>
</authentication>
In home controller
[HttpPost]
[AllowAnonymous]
public ActionResult Index(LoginModel model, string returnUrl)
{
}
I am starting IIS server from command prompt in Administrator mode. IIS responds to the request with error 401.
Any clue?
回答1:
I realize this is an older post but I had the same error on IIS 8.5. Hopefully this can help another experiencing the same issue (I didn't see my issue outlined in other questions with a similar title).
Everything seemed set up correctly with the Application Pool Identity, but I continued to receive the error. After much digging, there is a setting for the anonymous user to use the credentials of the application pool identity or a specific user. For whatever reason, mine was defaulted to a specific user. Altering the setting to the App Pool Identity fixed the issue for me.
- IIS Manager → Sites → Website
- Double click "Authentication"
- Select Anonymous Authentication
- From the Actions panel, select Edit
- Select Application pool Identity and click ok
Hopefully this saves someone else some time!
回答2:
If you're using IIS 7 do something like this:
- Select your site.
- Click on error pages.
- Edit feature settings.
- Select detailed errors.
Enjoy.
回答3:
Make sure that you enabled anonymous authentication on iis like this:
回答4:
In case anyone is still looking for this, this solved the problem for us:
To whoever this may help, this saved my life...
IIS 7 was difficult for figuring out why i was getting the 401 - Unauthorized: Access is denied due to invalid credentials... until i did this...
- Open IIS and select the website that is causing the 401
- Open the "Authentication" property under the "IIS" header
- Click the "Windows Authentication" item and click "Providers"
- For me the issue was that Negotiate was above NTLM. I assume that there was some kind of handshake going on behind the scenes, but i was never really authenticated. I moved the NTLM to the top most spot, and BAM that fixed it.
Here is the link where this was found.
回答5:
I realize its an old question, but this came up in my searches. Had a similar issue for an MVC application recently built, deployed for the first time, and Authentication mechanism wasn't completely hashed out.
It wasn't an IIS setting in my case, it was a Controller that was not [AllowAnonymous] decorated. I was using a Render.Action/Html.Action in a Layout.cshtml and the User was unauthenticated. So the Layout tried to load an Authenticated Action in an UnAuthenticated context.
Once I updated the action to AllowAnonymous, the problem went away, and this is what led me to it.
Hope this helps someone.
回答6:
I faced similar issue.
The folder was shared and Authenticated Users permission was provided, which solved my issue.
回答7:
I had a similar issue today. For some reason, my GET request was fine, but PUT request was failing for my WCF WebHttp Service
Adding the following to the Web.config solved the issue
<system.web>
<authentication mode="Forms" />
</system.web>
回答8:
I faced this error when I created an empty project with the MVC folders and then deployed the application to the server. My issue was that I didn't define the authentication in Web.config, so all I had to do was add this line to a system.web tag.
<system.web>
<authentication mode="None"/>
</system.web>
回答9:
i faced the same issue under IIS 8.5. A working solution for me was changing the IIS to display detailled errors. See answer from sna2stha. But i think it is not a good idea to forward detailed error messages to browsers in production enviroments. I added/changed the existingResponse attribute in the httpErrors-Section, so the IIS not handled any extisting Asp.net Response:
<httpErrors existingResponse="PassThrough" />
This works for me.
回答10:
In my case,
My application is developed in MVC and my home controller class was decorated with [Authorize] which was causing this issue.
So I've removed it because my application don't require any authentication.
来源:https://stackoverflow.com/questions/13279593/401-unauthorized-access-is-denied-due-to-invalid-credentials