IIS 7 and Above
401 authentication on iis website not working correctly
Last post Jun 04, 2019 07:02 PM by acenyc
Jun 03, 2019 09:35 PM|acenyc|LINK
I have iis 10.0 installed on a member server running 2016. I have windows authentication http 401 challenge set to allow only users in a certain security group access to the iis website. When any user opens the intranet website, the username and password
interface opens up, but if the user clicks the cancel button twice, it allows that user access to the web page. It bypasses the 401 authentication. I don't think it's supposed to do that. How can I troubleshoot this problem. I will send any additional information
Jun 03, 2019 11:42 PM|lextm|LINK
Instead of testing a full web site, please simply create a static HTML page, and test again that page instead.
Jun 04, 2019 08:19 AM|Able|LINK
According to your description, since you are using windows authenticaiton, if users click cancel twice or more, the page will show 401 error.
So I doubt that if you have any customer error page it could directly lead the 401 error page to some page in your applicaiton.
I suggest that you could show the customer error message setting in your iis.
Jun 04, 2019 07:02 PM|acenyc|LINK
Thanks guys for the help. It looks like it's working correctly now. It just started working. let's see what happens.