I was creating a new MVC 4 ASP.NET web application and ran into the exact same error as you (Error 401.2) when I tried to build my project for the first time.
I changed the options in IIS Manager on my development machine to disable anonymous authentication and enable windows authentication, but I was still getting the 401.2 error.
I did a little research and found out that I could change the properties of my project and resolve this error.
Solution Explorer:
- Select your Project
- Press F4 to show the Properties Window
Properties Window:
- Change 'Anonymous Authentication' to 'Disabled'
- Change 'Windows Authentication' to 'Enabled'
I hope this helps other people if it doesn't solve your specific problem. As long as you have the same settings on your Web Server, it should work as intended.
updated:
Oops, I overlooked the fact that you have a parent involved, my fault. Once permission defaults are set on the parent, you can just setup per-user access to the child web service/app.
The tightest configuration I could setup was the following.
For the parent, I used this barebones setup (nobody is allowed in):
<?xml version="1.0"?>
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<compilation debug="true" />
<authentication mode="Windows" />
<identity impersonate="true" />
<authorization>
<deny users="*" />
</authorization>
</system.web>
</configuration>
Then for the child (web service, in your case), I used this setup (only the DOMAIN\username
principal is allowed in):
<?xml version="1.0"?>
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<authorization>
<allow users="DOMAIN\username" />
</authorization>
</system.web>
</configuration>
This resulted in no access at the parent level, but only the given user at the child (web service) level. Also, as you mentioned, setting the authentication mode doesn't work on the child web.config
.
Without setting up at least one allow
entry at the child web.config, though, nobody can get in, as the parent's deny
entry takes precedence.
original
Your settings work for me, but I believe you are missing a few elements.
Try including the impersonation element, make sure the authentication mode is set to Windows, and if deploying for IIS, make sure the IIS location has anonymous access off.
Try the following barebones config, with debug on or off as needed:
<?xml version="1.0"?>
<configuration>
<appSettings />
<connectionStrings />
<system.web>
<compilation debug="true" />
<authentication mode="Windows" />
<identity impersonate="true" />
<authorization>
<allow users="DOMAIN\username" />
<deny users="*" />
</authorization>
</system.web>
</configuration>
Best Answer
First make sure in your web.config everything is ok.
Here you can find Microsoft Support article for 401.2 Error.