All geek questions in one place

URL authorization failed for request

I am moving some sites to a new installation of Windows 2003 using IIS6. However, I am having problems with forms authentication. The sites in question work fine on the old box, which is the same OS and version of IIS.

When I try to enter the site, I get the event log "URL authorization failed for request" and the page redirects back: -

http://www.demo.socialclause.net/logout.aspx?ReturnUrl=/Secure/Procurement/Default.aspx

Both old and new servers contain the same configuration and the same permissions. Obviously, I'm leaving somewhere, but I can’t understand. Can anyone help?

My web.config contains the following: -

<authentication mode="Forms">
  <forms slidingExpiration="true" name=".ASPXAUTH" protection="All" loginUrl="~/logout.aspx" timeout="60" ></forms>
</authentication>

and inside / secure dir (this is not a virtual directory), my web.config contains: -

<?xml version="1.0"?>
<configuration>
  <system.web>
    <authorization>
      <allow roles="ClauseAdmin"/>
      <allow roles="ProcurementAdmin"/>
      <allow roles="ReportAdmin"/>
      <allow roles="SystemAdmin"/>
      <deny users="*"/>
    </authorization>
  </system.web>
</configuration>

The event log shows:

Event Type: Information
Event Source:   ASP.NET 2.0.50727.0
Event Category: Web Event 
Event ID:   1314
Date:       26/05/2009
Time:       21:01:05
User:       N/A
Computer:   WILDEAA1
Description:
Event code: 4007 
Event message: URL authorization failed for the request. 
Event time: 26/05/2009 21:01:05 
Event time (UTC): 26/05/2009 20:01:05 
Event ID: af3bac34e6d74630b937a5a05d0f25f2 
Event sequence: 4 
Event occurrence: 1 
Event detail code: 0 

Application information: 
    Application domain: /LM/W3SVC/2067908276/Root-1-128878416581538912 
    Trust level: Full 
    Application Virtual Path: / 
    Application Path: C:\Inetpub\websites\www.demo.socialclause.net\htdocs\ 
    Machine name: WILDEAA1 

Process information: 
    Process ID: 1076 
    Process name: w3wp.exe 
    Account name: NT AUTHORITY\NETWORK SERVICE 

Request information: 
    Request URL: http://demo.socialclause.net/Secure/Procurement/Default.aspx 
    Request path: /Secure/Procurement/Default.aspx 
    User host address: 91.84.25.241 
    User: richard@wildesoft.net 
    Is authenticated: True 
    Authentication Type: Forms 
    Thread account name: NT AUTHORITY\NETWORK SERVICE
+3
5

? () * ()

<authentication mode="Forms">
    <forms name=".ASPXFORMSAUTH" loginUrl="~/Common/Login.aspx" timeout="450" />
  </authentication>
  <authorization>
    <deny users="?" />
    <allow roles="Admin" />
  </authorization>
+1

sql ... , , . , . web.config ? , :

      <roleManager enabled="true" defaultProvider="IDTSqlRoleProvider" cacheRolesInCookie="true" cookieProtection="All">
    <providers>
      <clear/>
      <add
        name="IDTSqlRoleProvider"
        type="System.Web.Security.SqlRoleProvider"
        connectionStringName="SqlMembershipConnectionString"
        applicationName="ConsumerSynergy"/>
    </providers>
  </roleManager>
0

? , , x, y, z, .

<?xml version="1.0"?>
<configuration>
  <system.web>
    <authorization>
      <deny users="*"/>
      <allow roles="ClauseAdmin"/>
      <allow roles="ProcurementAdmin"/>
      <allow roles="ReportAdmin"/>
      <allow roles="SystemAdmin"/>
    </authorization>
  </system.web>
</configuration>

, .

<?xml version="1.0"?>
<configuration>
  <system.web>
    <authorization>
      <allow roles="ClauseAdmin"/>
      <allow roles="ProcurementAdmin"/>
      <allow roles="ReportAdmin"/>
      <allow roles="SystemAdmin"/>
      <deny users="?"/>
    </authorization>
  </system.web>
</configuration>
0

, , web.config .

0

, IIS, , , , , ? , IIS /, .

: , , . , , , , :

  • Windows IIS.
  • , , ( , "" ).
  • Your roles are defined, but permission to read them has changed.

I suspect these are 1) IIS users.

-3
source

Source: https://habr.com/ru/post/1709164/

More articles:


All Articles