2

I am deploying a new EF 4.0 ASP.NET MVC 4 site to an IIS 7.0 server but I'm getting an error that says:

"HTTP Error 401.2 - Unauthorized You are not authorized to view this page due to invalid authentication headers."

I have Anonymous Authentication and Forms Authentication disabled. ASP.NET Impersonation and Windows Authentication are both enabled.

I've confirmed that everything okay according to this Microsoft KB article

Even better, there is already a working site in the same app pool using the same type of authentication.

I'm not sure what to check next. Does anyone have an idea what's causing this error?

Splendor
  • 1,386
  • 6
  • 28
  • 62
  • have you seen [this](http://stackoverflow.com/questions/11687711/all-requests-getting-http-error-401-2-unauthorized-response)? – kevin_fitz Jun 03 '13 at 19:04

2 Answers2

6

I figured it out. I had to add this to my applicationHost.config file (located in the windows/system32/inetsrv/config folder).

<windowsAuthentication enabled="true">
  <providers>
    <add value="Negotiate" />
    <add value="NTLM" />
  </providers>
</windowsAuthentication>

It was there for the other working application but not this new one.

Splendor
  • 1,386
  • 6
  • 28
  • 62
  • 1
    http://stackoverflow.com/questions/4762538/iis-express-windows-authentication/7168308#7168308 -- This does the same for the application and no need to change global settings... do it in the application (and if you do it globally, but not in your VS app, it doesn't help as the local application setting overrides the global setting. – Danimal111 Feb 11 '14 at 19:15
1

On a recently built 2012R2 web server I kept running in to this error even for simple cases. I finally fixed it by reinstalling the Windows Authentication feature.

PowerShell:

Remove-WindowsFeature Web-Windows-Auth
Add-WindowsFeature Web-Windows-Auth
Nathan
  • 3,842
  • 1
  • 26
  • 31