Rectangle 27 1

iis 7.5 ASP.NET MVC 3 Intranet site on IIS7.5 w Windows Authentication gives 401.3 and File authorization failed for the request when trying to log in?


config.SetEntitySetAccessRule("*", EntitySetRights.All);

1- Another thing that may causes the problem is IIS may configured not to authorized related users. Some of them are :

2- Also Check allowed verbs in IIS.

3- On the root folder of your application Give read access to IIS AppPool\YourAppPool.

4- Another cause could be hierarchical access rules in your application depends on what application services you are using, like web site panel access rules.

I refer you to see this post that declares all of MVC authentication methods. but make sure you have enabled minimum required authentication on your mvc application. Notice that Anonymous Authentication works with your group policies. you can config that by following : Internet Options -> Security Tab -> Local Intranet -> Custom Level, on your browser.

Note
Rectangle 27 1

iis 7.5 ASP.NET MVC 3 Intranet site on IIS7.5 w Windows Authentication gives 401.3 and File authorization failed for the request when trying to log in?


  • Created a local account (IIS-AccessUser)
  • Granted IIS-AccessUser read and execute access to the /home directory of the site.
  • Set IIS-AccessUser as the Physical Path Credentials

By default, Physical Path Credentials is set to Application User (Pass-through authentication). This means that IIS doesnt do any impersonation when handling Windows Authentication requests. This can, however, be set to a specific user (though not, unfortunately, the application pool identity, which would be ideal). Physical Path Credentials Logon Type is set by default to Clear-Text. For my testing I set this to Interactive (though this may not be the correct value). Possible values are Clear-Text, Batch, Interactive, and Network.

Doing the above allowed me to log in to the application directly, without having to allow Authenticated Users, or me having to be a member of any of the groups in the /home folder. It also still preserved .NET Authorization roles, so I still could not access parts of the site that I was not allowed to.

There are two IIS settings that control this:

We were also fighting with this issue, and started setting up security groups so we could give our users file level permissions. Then one of our server admins stumbled across a couple of new properties that allow the app to authenticate to the file system under set credentials, and resolved the need for the users to have access. Here is what he came up with

Note
Rectangle 27 0

iis 7.5 ASP.NET MVC 3 Intranet site on IIS7.5 w Windows Authentication gives 401.3 and File authorization failed for the request when trying to log in?


config.SetEntitySetAccessRule("*", EntitySetRights.All);

1- Another thing that may causes the problem is IIS may configured not to authorized related users. Some of them are :

2- Also Check allowed verbs in IIS.

3- On the root folder of your application Give read access to IIS AppPool\YourAppPool.

4- Another cause could be hierarchical access rules in your application depends on what application services you are using, like web site panel access rules.

I refer you to see this post that declares all of MVC authentication methods. but make sure you have enabled minimum required authentication on your mvc application. Notice that Anonymous Authentication works with your group policies. you can config that by following : Internet Options -> Security Tab -> Local Intranet -> Custom Level, on your browser.

Note
Rectangle 27 0

iis 7.5 ASP.NET MVC 3 Intranet site on IIS7.5 w Windows Authentication gives 401.3 and File authorization failed for the request when trying to log in?


Why would anonymous need to be enabled? The OP has specifically said it's disabled, since Windows Authentication is required.

Note