I have a very basic forms-based authentication setup based on this tutorial, https://msdn.microsoft.com/en-us/library/xdt4thhy(v=vs.100).aspx, no membership or role providers.

When I deploy to our test IIS server and make sure that authentication setup appears correct with Forms Authentication enabled and Windows Authentication disabled, I receive a 401.2 Unauthorized error from the login page. I can look in the log files and access to default.aspx is doing the correct 302 redirect, while Logon.aspx is throwing the error.

I have:

1. Changed the app pool to run under Network Service

2. Confirmed that Network Service has at least read access to the login.aspx

3. Added a location section to my web.config to allow="?" for Logon.aspx, although this shouldn't be necessary since Logon.aspx is specified as the loginUrl.

4. Other stuff that I have forgotten in my pursuit of a solution.

Here is the relevant section of my web.config:

<system.web>
<authentication mode="Forms"> <!-- for external use, mode="Forms" / for internal use, mode="Windows" -->
      <forms name=".ASPXFORMSAUTH" loginUrl="Logon.aspx"></forms>
    </authentication>
    <authorization>
     <deny users="?" />
     <allow users="*" />
    </authorization>
  </system.web>
  <location path="Logon.aspx">
    <system.web>
   <authorization>
     <allow users="?" />
    </authorization>
    </system.web>

Any help would be appreciated!

Chris

• Moved by Kristin XieMicrosoft contingent staff 18 minutes ago

Hi Chris,

According to your description, your case related to Asp.Net. I am afraid you posted in an inappropriate forum.  For questions related to ASP.NET use the ASP.NET forum.    
You should get more, better and faster answers on the other forum.  Thanks, ahead of time.

Best regards,

Kristin