HTTP错误401.0-未经授权的IIS 8
本文关键字:授权 IIS 错误 HTTP | 更新日期: 2023-09-27 17:59:42
在MVC5项目中工作时,我可以访问帐户/登录页面。当我输入错误的凭据时,它会告诉我用户名/密码不正确。当我输入正确的凭据时,它会将我重定向到home/index,所以我认为登录确实有效。
在进入新页面时,我怎么会出现以下错误。HTTP错误401.0-未经授权。
蚂蚁,我不确定我会如何解决这个问题。
我的登录控制器
public ActionResult LogIn()
{
return View();
}
[HttpPost]
public ActionResult LogIn(LogOnModel model, string returnUrl)
{
if (ModelState.IsValid)
{
if (MembershipService.ValidateUser(model.UserName, model.Password))
{
FormsService.SignIn(model.UserName, model.RememberMe);
if (!String.IsNullOrEmpty(returnUrl))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction("Index", "Home");
}
}
else
{
ModelState.AddModelError("", "The user name or password provided is incorrect.");
}
}
// If we got this far, something failed, redisplay form
return View(model);
}
我的型号
public class LogOnModel {
[Required]
[DisplayName("User name")]
public string UserName { get; set; }
[Required]
[DataType(DataType.Password)]
[DisplayName("Password")]
public string Password { get; set; }
[DisplayName("Remember me?")]
public bool RememberMe { get; set; }
}
public interface IFormsAuthenticationService {
void SignIn(string userName, bool createPersistentCookie);
void SignOut();
}
public class FormsAuthenticationService : IFormsAuthenticationService {
public void SignIn(string userName, bool createPersistentCookie) {
if (String.IsNullOrEmpty(userName)) throw new ArgumentException("Value cannot be null or empty.", "userName");
FormsAuthentication.SetAuthCookie(userName, createPersistentCookie);
}
最后是我的web.config:
<?xml version="1.0"?>
<configuration>
<connectionStrings>
<add name="SaleswebEntities" connectionString=
</connectionStrings>
<system.web>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
<add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<add assembly="System.Web.Helpers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.WebPages, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</assemblies>
</compilation>
<authentication mode="Forms">
<forms loginUrl="~/Account/LogOn" timeout="2880" />
</authentication>
<membership>
<providers>
<clear />
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" />
</providers>
</membership>
<profile>
<providers>
<clear />
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/" />
</providers>
</profile>
<roleManager enabled="false">
<providers>
<clear />
<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" />
<add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" />
</providers>
</roleManager>
<pages>
<namespaces>
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Routing" />
<add namespace="System.Web.Helpers" />
<add namespace="System.Web.WebPages" />
</namespaces>
</pages>
</system.web>
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
<modules runAllManagedModulesForAllRequests="true" />
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-2.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<appSettings>
<add key="ClientValidationEnabled" value="false" />
<add key="UnobtrusiveJavaScriptEnabled" value="false" />
</appSettings>
</configuration>
连接字符串不是空的,但我确实删除了它,我不希望它公开发布。
我遇到了一个模拟程序问题,这与代码无关,我的iis确实发生了问题,我不得不重新安装它。这里的关键是确保卸载Windows Process Activation Service,否则ApplicationHost.config将仍然存在。
我注意到您在登录控制器中使用了FormsService。我认为这个类是特定于SharePoint的。我建议使用WebSecurity.Login()或FormsAuthentication.Authenticate()。
您是否检查了Startup.cs是否正确配置了应用程序?
应该有类似于以下内容的内容:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
听起来像是IIS权限问题,如果您还没有管理员身份,则应该尝试运行VS。
"HTTP错误401.0-未经授权您没有查看此目录或页面的权限。"
诊断IIS 上的401.x HTTP错误
请确保文件夹的权限正确无误。双击IIS中的"身份验证"功能。右键单击"Anonymous Authentication"提供程序,然后选择编辑。现在,右键单击左侧窗格中的web应用程序,选择"编辑权限…"。。。,选择"安全"选项卡,单击"编辑"->"添加"并添加IIS APPPOOL'NameOfAppPool。请确保应用程序池标识具有文件夹的读取和执行权限。
这里有几个链接。
为ASP.NET/ASP.NET MVC 3 配置IIS(Windows 7)
http://patrickdesjardins.com/blog/asp-net-mvc-http-error-401-0-unauthorized
https://serverfault.com/questions/348049/iis-and-http-401-0-unauthorized