Basic Authentication doesn't display login box
I am using IIS 7.5 and want to change a website from using anonymous authentication to basic authentication. I access the Authentication feature, disable anonymous authentication then enable basic authentication. When I access the website I get the following error
HTTP Error 401.2 - Unauthorized
You are not authorized to view this page due to invalid authentication headers.
Module: IIS Web Core
Notification: AuthenticateRequest
Handler: StaticFile
Error Code: 0x80070005
Requested URL: http://mywebsite.com:80/
Physical Path: \\myserver\myfolder
Logon Method: Not yet determined
Logon User: Not yet determined
I was expecting to get issued with a challenge (ask for username and password) but nothing, just the error.
Turning on failed request tracing I can see the following errors
MODULE_SET_RESPONSE_ERROR_STATUS
ModuleName: IIS Web Core
Notification: 2
HttpStatus: 401
HttpReason: Unauthorized
HttpSubStatus: 2
ErrorCode: 2147942405
ConfigExceptionInfo:
Notification: AUTHENTICATE_REQUEST
ErrorCode: Access is denied. (0x80070005)
A couple of lines before this I guess the request is asking for anonymous access and is failing.
AUTH_REQUEST_AUTH_TYPE
RequestAuthType: 1
RequestAuthType: Anonymous
What I'd like to know is why doesn't the server issue a challenge?
Kevin Brydon1 Answer
Looks like I had a problem in my applicationHost.config.
I added the following to the <globalModules> section
<globalModules>
...
<add name="BasicAuthenticationModule" image="%windir%\System32\inetsrv\authbas.dll" />
...
</globalModules>
And I added the following to the overall server <system.webserver> section
<location path="" overrideMode="Allow">
<system.webServer>
...
<modules>
...
<add name="BasicAuthenticationModule" lockItem="true" />
...
<modules>
...
<system.webServer>
...
<location path="" overrideMode="Allow">
the ... denotes other content in each of the sections, the important parts are the <add /> sections
Kevin BrydonUser contributions licensed under CC BY-SA 3.0