I have a very basic forms-based authentication setup based on this tutorial, https://msdn.microsoft.com/en-us/library/xdt4thhy(v=vs.100).aspx, no membership or role providers.
When I deploy to our test IIS server and make sure that authentication setup appears correct with Forms Authentication enabled and Windows Authentication disabled, I receive a 401.2 Unauthorized error from the login page. I can look in the log files and access to default.aspx is doing the correct 302 redirect, while Logon.aspx is throwing the error.
I have:
1. Changed the app pool to run under Network Service
2. Confirmed that Network Service has at least read access to the login.aspx
3. Added a location section to my web.config to allow="?" for Logon.aspx, although this shouldn't be necessary since Logon.aspx is specified as the loginUrl.
4. Other stuff that I have forgotten in my pursuit of a solution.
Here is the relevant section of my web.config:
<system.web> <authentication mode="Forms"> <!-- for external use, mode="Forms" / for internal use, mode="Windows" --> <forms name=".ASPXFORMSAUTH" loginUrl="Logon.aspx"></forms> </authentication> <authorization> <deny users="?" /> <allow users="*" /> </authorization> </system.web> <location path="Logon.aspx"> <system.web> <authorization> <allow users="?" /> </authorization> </system.web>
Any help would be appreciated!
Chris
- Moved by Kristin XieMicrosoft contingent staff 18 minutes ago