You are not authorized to view this page HTTP Error 403 - Forbidden

Discussion in 'ASP .Net Security' started by Tony Girgenti, Sep 11, 2006.

  1. Hello.

    I developed and tested a web application using VS.NET 2003, VB, .NET
    Framework 1.1.4322, ASP.NET 1.1.4322 and IIS5.1. It uses a web form.

    Development testing works fine on my development computer, but when i take
    the files to another computer and install them using the deployment project
    files, when i go to execute it on the different computer, it gives the error
    "You are not authorized to view this page. HTTP Error 403 - Forbidden.

    I am logged on the computer as Administrator.

    I gave all of the following full permissions to the wwwroot folder:
    Administrastor
    Administrators Group
    IUSR
    System
    Network
    ASP.NET user

    Any help would be gratefully appreciated.

    Thanks,
    Tony
     
    Tony Girgenti, Sep 11, 2006
    #1
    1. Advertising

  2. Hello Gaurav.

    Yes, Anonymous Access is checked.

    Thanks,
    Tony

    "Gaurav Vaish (www.EduJiniOnline.com)"
    <> wrote in message
    news:...
    >> I am logged on the computer as Administrator.
    >>
    >> I gave all of the following full permissions to the wwwroot folder:

    >
    >
    > Check if Anonymous Access is enabled in IIS.
    > It's not about folder access but HTTP access :)
    >
    >
    > --
    > Happy Hacking,
    > Gaurav Vaish | http://www.mastergaurav.com
    > http://articles.edujinionline.com/webservices
    > -------------------
    >
    >
     
    Tony Girgenti, Sep 11, 2006
    #2
    1. Advertising

  3. Tony Girgenti

    Joe Kaplan Guest

    Does the anonymous user have file system level ACL access to the files?
    That can cause this problem as well.

    Joe K.

    --
    Joe Kaplan-MS MVP Directory Services Programming
    Co-author of "The .NET Developer's Guide to Directory Services Programming"
    http://www.directoryprogramming.net
    --
    "Tony Girgenti" <tony(nospam)@lakesideos.com> wrote in message
    news:%...
    > Hello Gaurav.
    >
    > Yes, Anonymous Access is checked.
    >
    > Thanks,
    > Tony
    >
    > "Gaurav Vaish (www.EduJiniOnline.com)"
    > <> wrote in message
    > news:...
    >>> I am logged on the computer as Administrator.
    >>>
    >>> I gave all of the following full permissions to the wwwroot folder:

    >>
    >>
    >> Check if Anonymous Access is enabled in IIS.
    >> It's not about folder access but HTTP access :)
    >>
    >>
    >> --
    >> Happy Hacking,
    >> Gaurav Vaish | http://www.mastergaurav.com
    >> http://articles.edujinionline.com/webservices
    >> -------------------
    >>
    >>

    >
    >
     
    Joe Kaplan, Sep 12, 2006
    #3
  4. Hello Joe.

    By "Anonymous user", do you mean the ANONYMOUS LOGON" group. That's the
    only one that i can find with "Anonymous" in it.

    Also, what is file system level ACL access ?

    Thanks,
    Tony

    "Joe Kaplan" <> wrote in message
    news:...
    > Does the anonymous user have file system level ACL access to the files?
    > That can cause this problem as well.
    >
    > Joe K.
    >
    > --
    > Joe Kaplan-MS MVP Directory Services Programming
    > Co-author of "The .NET Developer's Guide to Directory Services
    > Programming"
    > http://www.directoryprogramming.net
    > --
    > "Tony Girgenti" <tony(nospam)@lakesideos.com> wrote in message
    > news:%...
    >> Hello Gaurav.
    >>
    >> Yes, Anonymous Access is checked.
    >>
    >> Thanks,
    >> Tony
    >>
    >> "Gaurav Vaish (www.EduJiniOnline.com)"
    >> <> wrote in message
    >> news:...
    >>>> I am logged on the computer as Administrator.
    >>>>
    >>>> I gave all of the following full permissions to the wwwroot folder:
    >>>
    >>>
    >>> Check if Anonymous Access is enabled in IIS.
    >>> It's not about folder access but HTTP access :)
    >>>
    >>>
    >>> --
    >>> Happy Hacking,
    >>> Gaurav Vaish | http://www.mastergaurav.com
    >>> http://articles.edujinionline.com/webservices
    >>> -------------------
    >>>
    >>>

    >>
    >>

    >
    >
     
    Tony Girgenti, Sep 12, 2006
    #4
  5. Tony Girgenti

    Joe Kaplan Guest

    No, when you configure anonymous access in IIS, it actually logs in a fixed
    user account, typically named IUSR_MACHINE, that is used for applying
    security to the executing web request.

    When Windows accesses any securable kernel object like a file or registry
    key, it compares the security settings (the ACL) on that object to the
    security capabilities of the currently executing thread's security context
    and decides whether the requested access is allowed.

    In ASP.NET, it sometimes gets confusing whether the anonymous user account
    or the web server process account will get used when making these security
    decisions. However, you can always ACL your files to allow access to both.

    The best way to determine if a file system ACL issue is the problem is to
    use filemon. It will tell you all the files that are being accessed, will
    tell you if an access denied was triggered, what type of access was
    requested that was denied and what account was used that was denied. It
    basically tells you exactly how to change the ACL to fix the problem.

    Best of luck,

    Joe K.

    --
    Joe Kaplan-MS MVP Directory Services Programming
    Co-author of "The .NET Developer's Guide to Directory Services Programming"
    http://www.directoryprogramming.net
    --
    "Tony Girgenti" <tony(nospam)@lakesideos.com> wrote in message
    news:%...
    > Hello Joe.
    >
    > By "Anonymous user", do you mean the ANONYMOUS LOGON" group. That's the
    > only one that i can find with "Anonymous" in it.
    >
    > Also, what is file system level ACL access ?
    >
    > Thanks,
    > Tony
    >
    > "Joe Kaplan" <> wrote in message
    > news:...
    >> Does the anonymous user have file system level ACL access to the files?
    >> That can cause this problem as well.
    >>
    >> Joe K.
    >>
    >> --
    >> Joe Kaplan-MS MVP Directory Services Programming
    >> Co-author of "The .NET Developer's Guide to Directory Services
    >> Programming"
    >> http://www.directoryprogramming.net
    >> --
    >> "Tony Girgenti" <tony(nospam)@lakesideos.com> wrote in message
    >> news:%...
    >>> Hello Gaurav.
    >>>
    >>> Yes, Anonymous Access is checked.
    >>>
    >>> Thanks,
    >>> Tony
    >>>
    >>> "Gaurav Vaish (www.EduJiniOnline.com)"
    >>> <> wrote in message
    >>> news:...
    >>>>> I am logged on the computer as Administrator.
    >>>>>
    >>>>> I gave all of the following full permissions to the wwwroot folder:
    >>>>
    >>>>
    >>>> Check if Anonymous Access is enabled in IIS.
    >>>> It's not about folder access but HTTP access :)
    >>>>
    >>>>
    >>>> --
    >>>> Happy Hacking,
    >>>> Gaurav Vaish | http://www.mastergaurav.com
    >>>> http://articles.edujinionline.com/webservices
    >>>> -------------------
    >>>>
    >>>>
    >>>
    >>>

    >>
    >>

    >
    >
     
    Joe Kaplan, Sep 12, 2006
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. David Hunt
    Replies:
    4
    Views:
    11,316
    gullsinn
    Oct 4, 2009
  2. Tony Girgenti
    Replies:
    5
    Views:
    10,615
    Joe Kaplan
    Sep 12, 2006
  3. willem joubert

    Error 403-Error 403-Error 403

    willem joubert, Feb 8, 2005, in forum: ASP .Net Web Services
    Replies:
    1
    Views:
    184
    Bruce Johnson [C# MVP]
    Feb 8, 2005
  4. Tony Girgenti
    Replies:
    4
    Views:
    185
    Joe Kaplan
    Sep 12, 2006
  5. Mark J. McGinty

    IIS HTTP 403.1 Forbidden: Execute Access Forbidden

    Mark J. McGinty, Dec 9, 2005, in forum: ASP General
    Replies:
    2
    Views:
    362
    Kyle Peterson
    Dec 9, 2005
Loading...

Share This Page