0

I've configured forms authentication for ASP.NET 4.0 application.

Login/logout is working, but when I'm logged in I can't access the site root (~/) page. When I'm going to this url in browser I'm getting 401.2 error (Unathorised).

Error message: You are not authorized to view this page due to invalid authentication headers.

Other pages are accessed fine.

When I'm logged out site root could be accessed and redirects to login page (which is correct behavior)

Did anyone faced such issue?

Jack Spektor
  • 1,097
  • 1
  • 11
  • 30
  • The login page is probably not on root, you need to set up correct the permissions on you files, to be help read this http://stackoverflow.com/questions/16677887/how-to-set-correct-file-permissions-for-asp-net-on-iis/16678016#16678016 – Aristos Jul 08 '14 at 08:09
  • Also the root of the page is usually read the default.aspx, check if this is correct or you try to read some other page that is not exist – Aristos Jul 08 '14 at 08:10
  • The error message is "You are not authorized to view this page due to invalid authentication headers." – Jack Spektor Jul 08 '14 at 13:14
  • Do you search on internet ? http://support.microsoft.com/kb/942043 – Aristos Jul 08 '14 at 14:58
  • 1
    @JackSpektor Please post `` tag and `` tags *(if there)* inside of **web.config**. – Win Jul 09 '14 at 17:01

1 Answers1

0

The problem was related that <authorization> section was located inside system.webServer section of web.config, as a result it was applied to web server authorization rules, but not website.

The correct location of authorization section should be of course system.web

Jack Spektor
  • 1,097
  • 1
  • 11
  • 30