I am using IIS 7.5 and want to change a website from using anonymous authentication to basic authentication. I access the Authentication feature, disable anonymous authentication then enable basic authentication. When I access the website I get the following error
HTTP Error 401.2 - Unauthorized
You are not authorized to view this page due to invalid authentication headers.
Module: IIS Web Core
Notification: AuthenticateRequest
Handler: StaticFile
Error Code: 0x80070005
Requested URL: http://mywebsite.com:80/
Physical Path: \\myserver\myfolder
Logon Method: Not yet determined
Logon User: Not yet determined
I was expecting to get issued with a challenge (ask for username and password) but nothing, just the error.
Turning on failed request tracing I can see the following errors
MODULE_SET_RESPONSE_ERROR_STATUS
ModuleName: IIS Web Core
Notification: 2
HttpStatus: 401
HttpReason: Unauthorized
HttpSubStatus: 2
ErrorCode: 2147942405
ConfigExceptionInfo:
Notification: AUTHENTICATE_REQUEST
ErrorCode: Access is denied. (0x80070005)
A couple of lines before this I guess the request is asking for anonymous access and is failing.
AUTH_REQUEST_AUTH_TYPE
RequestAuthType: 1
RequestAuthType: Anonymous
What I'd like to know is why doesn't the server issue a challenge?
Best Answer
Looks like I had a problem in my
applicationHost.config
.I added the following to the
<globalModules>
sectionAnd I added the following to the overall server
<system.webserver>
sectionthe
...
denotes other content in each of the sections, the important parts are the<add />
sections