1

Error message 401.2.: Unauthorized: Logon failed due to server configuration. Verify that you have permission to view this directory or page based on the credentials you supplied and the authentication methods enabled on the Web server. Contact the Web server's administrator for additional assistance.\

I'm having the above error while changing the website property to Project URL: localhost/StsClient. However it is working fine for IIS express set to: localhost:21817/

any helps please? why can't I have the STS client in local IIS ? or do i miss something? below is the client config

<system.webServer>
    <modules>
      <add name="WSFederationAuthenticationModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
      <add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
    </modules>
  </system.webServer>
  <system.identityModel>
    <identityConfiguration>
      <audienceUris>
        <add value="http://localhost/StsClient" />
      </audienceUris>
      <securityTokenHandlers>
        <add type="System.IdentityModel.Services.Tokens.MachineKeySessionSecurityTokenHandler, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
        <remove type="System.IdentityModel.Tokens.SessionSecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
      </securityTokenHandlers>
      <certificateValidation certificateValidationMode="None" />
      <issuerNameRegistry type="System.IdentityModel.Tokens.ValidatingIssuerNameRegistry, System.IdentityModel.Tokens.ValidatingIssuerNameRegistry">
        <authority name="DeveloperSts">
          <keys>
            <add thumbprint="#################################" />
          </keys>
          <validIssuers>
            <add name="DeveloperSts" />
          </validIssuers>
        </authority>
      </issuerNameRegistry>
    </identityConfiguration>
  </system.identityModel>
  <system.identityModel.services>
    <federationConfiguration>
      <cookieHandler requireSsl="false" />
      <!--<wsFederation passiveRedirectEnabled="true" 
      <wsFederation passiveRedirectEnabled="true" issuer="http://localhost/StsService/Security/Authorize" realm="http://localhost/StsClient" requireHttps="false" />
    </federationConfiguration>
  </system.identityModel.services>
user384080
  • 4,576
  • 15
  • 64
  • 96
  • http://stackoverflow.com/questions/12640048/error-message-401-2-unauthorized-logon-failed-due-to-server-configuration-wh – ray May 08 '14 at 05:00
  • @ray - tried it but no luck.. btw how is it relevant to WIF (stuff that I'm doing) ? i just can't see the connection between WIF and the link you gave me. – user384080 May 08 '14 at 05:09

1 Answers1

0

ok.. this is very interesting.. when I displayed it using IE11, it gave another error:

“Error occurred during a cryptographic operation.”

Then I turned on the windows authentication enabled in IIS, and it works fine now..

Up to this point, the client site still cannot be loaded via Chrome and not sure why..

user384080
  • 4,576
  • 15
  • 64
  • 96