39

i want to allow access to Anonymous.aspx page to all user, i have set Basic Authentication to Enabled, and Connect as to specific user.

my problem is when trying to access http://MyIPAddress/MyAlias/Anonymous.aspx, authentication popup appears--ideally it shouldn't, and when i close popup, getting 401.2 Unauthorized error--it's obvious

Error Summary

HTTP Error 401.2 - Unauthorized You are not authorized to view this page due to invalid authentication headers. Error Code 0x80070005

below is snap of my web.config file.

<configuration>
   <system.web>
       <authentication mode=“Windows“/>
   </system.web>

   <location path=“Anonymous.aspx“>
       <system.web>
          <authorization>
              <allow users=“*“/>
          </authorization>
       </system.web>
   </location>
 </configuration>

how can i solve this error.

BrainCoder
  • 5,197
  • 5
  • 30
  • 33
  • 3
    Old question, but: if an authentication popup appears, it's most likely due to directory permissions set in the file system. – 3Dave Aug 28 '14 at 05:22

5 Answers5

44

Make sure Anonymous access is enabled on IIS -> Authentication.

But also right click on it, then click on Edit, and choose a domain\username and password. (With access to the physical folder of the application).

jpkeisala
  • 8,566
  • 7
  • 30
  • 39
Oscar Ortiz
  • 813
  • 8
  • 16
  • Hi Rockster , I applied your advise and double checked access all the users i tried have got full access to the physical drive. but i'm still getting the same error page. bare in mind Forms Authentication is also disabled, when i enable it i get a different type of error, is there a way to get around this? Thanks – Jay Nov 27 '15 at 19:46
  • Hi @Jawad, once you add/edit the user's security permissions of the website folder using Windows, make sure you also clic the "advanced" button inside the Security tab. Then clic on "Change permissions", select the user you added/edited, and then check the option called "Replace all child object permissions with inheritable permissions from this object", then clic apply – Oscar Ortiz Dec 01 '15 at 16:55
  • 2
    I had to restart IIS service as well for the setting changes to take effect. My plain virtual directories were not accessible because of this error. Simply enabling anonymous authentication at `Default Web Site` level helped me get rid of this error. It didn't require adding any predefined username or password. – RBT Jun 30 '16 at 01:23
  • Thanks. What is a bummer is if one site on iis does an account other than Application pool identity it makes all the sites use that. I always thought authentication could be set per site not all the sites. – drzounds Sep 09 '21 at 17:07
  • Where can I find the IIS menu so that I can change the authentication? – tomasantunes Jun 22 '22 at 13:55
27

Open Project properties by selecting project then go to

View>Properties Windows

and make sure Anonymous Authentication is Enabled

enter image description here

TAHA SULTAN TEMURI
  • 4,031
  • 2
  • 40
  • 66
11

Same thing happen to me this morning, everything was working fine for weeks before. yes guess what. I change my windows PC user account password yesterday night. (how stupid was I)

So easy fix:

IIS -> authentication -> Anonymous authentication -> edit and set the user and new PASSWORD.

Uwe Keim
  • 39,551
  • 56
  • 175
  • 291
Nikita Yo LAHOLA
  • 432
  • 5
  • 8
2

I had the same issue, and spent quite a bit of time trying to track down the solution. I had Anonymous Authentication set up at two different levels with two different users. Make sure that you're not overwriting your set up at a lower level.

brrrrth
  • 177
  • 1
  • 10
  • This was my issue, the top level was one user and a child level was a different user. I set them to the same user and it began working. – Nathan Goings Mar 04 '21 at 15:58
0

I had not checked the Authorization header was set correctly in my request. I actually had Authentication which is not right.. Make sure you check the initiator!

Jimenemex
  • 3,104
  • 3
  • 24
  • 56