I get a 401 error with the above setting in my web.config.
However, if comment out the <deny users="?" /> I can get to my login page without issues. But then of course if the user's session times out or they book mark a different page inside my site they are not automatically redirected to my login page.
As understand you are creating applications within a main web application. Each sub application is independent of the others and you're simply sharing the domain name? This new independent application is not behaving like the others?
If so, make sure the new application has its own application pool.
As understand you are creating applications within a main web application. Each sub application is independent of the others and you're simply sharing the domain name? This new independent application is not behaving like the others?
If so, make sure the new application has its own application pool.
Correct sharing the domain name.
That may be it. I am sharing an app pool with one of the other web applications. I'll try and get one of the SAs to create a new user and App pool for me.
But I don't think that explains the behavior when I comment out the
<denyusers="?"/>
If I go to https://example.com/mysubsite/PKILogin.aspx the login page loads and allows me to login. Everything seems to work except it doesn't redirect me to that page first.
Or you could create a new web.config in your sub folder where your login page is.(Mine is account).
Then you could reconfigure the newly created web.config as follows. It will rewrite the configuration in your root web.config(web.config in sub folder could rewrite configuration of web.config in parent folder).
Member
2 Points
8 Posts
Forms Authentication - 401 error on login page
Jan 22, 2019 08:25 PM|scottmetzger|LINK
For some reason I can't seem to get Forms Authentication to work properly on my subsite...
<authentication mode="Forms"> <forms defaultUrl="Default.aspx" loginUrl="PKILogin.aspx" timeout="2880" /> </authentication> <authorization> <deny users="?" /> </authorization>I get a 401 error with the above setting in my web.config.
However, if comment out the <deny users="?" /> I can get to my login page without issues. But then of course if the user's session times out or they book mark a different page inside my site they are not automatically redirected to my login page.
ASP.net 4.7.2 IIS 7.5
Any ideas on how to solve this?
All-Star
37171 Points
15019 Posts
Re: Forms Authentication - 401 error on login page
Jan 22, 2019 08:31 PM|mgebhard|LINK
How is your "subsite" configured in IIS? Can you explain the design?
Member
2 Points
8 Posts
Re: Forms Authentication - 401 error on login page
Jan 22, 2019 08:37 PM|scottmetzger|LINK
It is configured as an 'application'.
So, main site is https://example.com
application is mysubsite
so url for is https://example.com/mysubsite
Other susbsites exist https://example.com/mysubsite2 etc.
Each subsite does its own authentication.
All-Star
37171 Points
15019 Posts
Re: Forms Authentication - 401 error on login page
Jan 22, 2019 08:51 PM|mgebhard|LINK
As understand you are creating applications within a main web application. Each sub application is independent of the others and you're simply sharing the domain name? This new independent application is not behaving like the others?
If so, make sure the new application has its own application pool.
Member
2 Points
8 Posts
Re: Forms Authentication - 401 error on login page
Jan 23, 2019 02:55 AM|scottmetzger|LINK
Correct sharing the domain name.
That may be it. I am sharing an app pool with one of the other web applications. I'll try and get one of the SAs to create a new user and App pool for me.
But I don't think that explains the behavior when I comment out the
If I go to https://example.com/mysubsite/PKILogin.aspx the login page loads and allows me to login. Everything seems to work except it doesn't redirect me to that page first.
Contributor
2320 Points
911 Posts
Re: Forms Authentication - 401 error on login page
Jan 23, 2019 04:11 AM|Ackerly Xu|LINK
Hi scottmetzger,
deny users="?" means denying access to all the pages in the current folder and its sub folders.
So it will also deny access to your Default.aspx.
You could add your default.asp. in a sub folder and configure your root web.config as follows. account is the folder where your login page is
Or you could create a new web.config in your sub folder where your login page is.(Mine is account).
Then you could reconfigure the newly created web.config as follows. It will rewrite the configuration in your root web.config(web.config in sub folder could rewrite configuration of web.config in parent folder).
<?xml version="1.0"?> <configuration> <system.web> <authorization> <allow users="*"/> </authorization> </system.web> </configuration>Best regards,
Ackerly Xu
Please remember to "Mark as Answer" the responses that resolved your issue.
Member
2 Points
8 Posts
Re: Forms Authentication - 401 error on login page
Jan 23, 2019 05:21 AM|scottmetzger|LINK
That's it thanks.
I just opened up my login page instead of a whole directory...