Site MVC C# displays the message "401 - Unauthorized: Access is denied due to invalid credentials." after logging into external access

Asked

Viewed 188 times

0

I created the normal MVC C# site without any peculiarity. In the Default Controller the index was this way.

    [AllowAnonymous]
    public ActionResult Index()
    {
        return View();
    }

    [HttpPost]
    [AllowAnonymous]
    public ActionResult Login(LoginUsuarioVM model)
    {
        if (ModelState.IsValid)
        {
            var usuarioVM = Mapper.Map<Usuario, UsuarioVM>(UsuarioApplication.BuscarPorLoginSenha(model.Login, model.Senha));

            if (usuarioVM != null)
            {
                FormsAuthentication.SetAuthCookie($"{usuarioVM.Nome};{usuarioVM.IdUsuario}", model.Remember);

                return RedirectToAction("Home");
            }
            else
            {
                TempData["UsuarioInvalido"] = "Usuário ou Senha Inválido !";
                return RedirectToAction("Index", "Default");
            }
        }
        else
        {
            TempData["UsuarioInvalido"] = "Usuário ou Senha Inválido !";
            return RedirectToAction("Index", "Default");
        }
    }

If login is OK directs to Home.

[Authorize]
    public ActionResult Home()
    {
        ViewBag.Title = "Home";
        return View();
    }

In the Web.config define system.web this way

<system.web>
<customErrors mode="Off" />
<compilation debug="true" targetFramework="4.6.1" />
<httpRuntime targetFramework="4.6.1" />
<globalization culture="en-US" uiCulture="en-US"/>
<authentication mode="Forms">
  <forms name=".ASPXFORMSDEMO" loginUrl="~/Default/Index" timeout="1440" protection="All" path="/" />
</authentication>
    <authorization>
  <deny users="?"/>
  <allow users="*" />
</authorization>
<roleManager enabled="true" defaultProvider="AuthRoleProvider" cacheRolesInCookie="true">
  <providers>
    <clear />
    <add name="AuthRoleProvider" type="MVC.AuthRoleProvider" />
  </providers>
</roleManager>

It was posted on the IIS 8.5 server. For internal reasons it is not within the Defaul Web Sites. The pool is like .NET v4.5 Classic, Pipeline Classic and Porta 1435.

inserir a descrição da imagem aqui

Authentication on IIS is as follows:

Aba Authentication

With User specified IUSR. Usuário adicionado

The point is:

Accessing the site on localhost or accessing by the "server name/Site" within the network the application opens and logs normally. Accessing it by external url after login displays the error message.

inserir a descrição da imagem aqui

Permission has already been given in the folder to the IUSR. Permissão de pasta

I can’t find where the problem is in the application or the server configuration.

I hope I’ve been clear in explaining and thank you for your help.

c# mvc server iis

1 answer

1


Make sure credentials for anonymous users are targeted correctly on Authentication:

  • Click on Anonymous Authentication;
  • Click on Edit, in the upper extreme right;
  • See if the selected user is the correct one or if you want to use the App Pool Identity.

If not, try enabling the detailed error pages:

  • Click on Error Pages;
  • Clicking Edit Feature Settings;
  • Select Activate and give OK.

  • The user selected in the Anonymous tab is the IUSR. I also tested by selecting the App Pool Identity and continues with the same error (this site is zicado).

Browser other questions tagged c# mvc server iis

You are not signed in. Login or sign up in order to post.