"401 Unauthorized" on Sign In

Topics: User Forum
Apr 27, 2007 at 8:56 PM
This stuff looks great...if only I could make it work. Please help me.

On my "Internet" site, when I click "Sign In" I get 401 Unauthorized. It's accessing this url:
http://myserver/_layouts/Authenticate.aspx?Source=%2Fdefault%2Easpx

I tried giving "everyone" full control to _layouts and it didn't help (I know, I know....but I had to test it).
The IIS log shows this when I access the page:
2007-04-27 19:32:39 W3SVC309333072 10.0.0.230 GET /_layouts/Authenticate.aspx Source=%2F%5Flayouts%2Fviewlsts%2Easpx 80 - 10.0.1.10 Mozilla/4.0(compatible;MSIE7.0;WindowsNT5.1;.NETCLR1.1.4322;.NETCLR1.0.3705;.NETCLR2.0.50727;FDM;InfoPath.2;.NETCLR3.0.04506.30) 401 5 0

I went through the instructions two more times and read all the posts but I'm still coming up with nothing. IISRESET lots of times. Can anyone help?

On another (perhaps related) note, when I try to use the "User Administration" web part to add a user, I get the following error:

The "AdminWebPart" Web Part appears to be causing a problem. Index was out of range. Must be non-negative and less than the size of the collection.
Parameter name: index

When I try to register as a new user from register.aspx, it appears to add the user in the "User Administration" web part, but ends in an "unknown error". I'm not sure if either of these are supposed to hit the mail server, but I checked the mail server log, and its not being touched...and I know my mail server settings are right, so the problem must be somewhere else. Any help would be appreciated!
Apr 27, 2007 at 9:11 PM

lightwave wrote:
This stuff looks great...if only I could make it work. Please help me.

On my "Internet" site, when I click "Sign In" I get 401 Unauthorized. It's accessing this url:
http://myserver/_layouts/Authenticate.aspx?Source=%2Fdefault%2Easpx

I tried giving "everyone" full control to _layouts and it didn't help (I know, I know....but I had to test it).
The IIS log shows this when I access the page:
2007-04-27 19:32:39 W3SVC309333072 10.0.0.230 GET /_layouts/Authenticate.aspx Source=%2F%5Flayouts%2Fviewlsts%2Easpx 80 - 10.0.1.10 Mozilla/4.0(compatible;MSIE7.0;WindowsNT5.1;.NETCLR1.1.4322;.NETCLR1.0.3705;.NETCLR2.0.50727;FDM;InfoPath.2;.NETCLR3.0.04506.30) 401 5 0

I went through the instructions two more times and read all the posts but I'm still coming up with nothing. IISRESET lots of times. Can anyone help?

On another (perhaps related) note, when I try to use the "User Administration" web part to add a user, I get the following error:

The "AdminWebPart" Web Part appears to be causing a problem. Index was out of range. Must be non-negative and less than the size of the collection.
Parameter name: index

When I try to register as a new user from register.aspx, it appears to add the user in the "User Administration" web part, but ends in an "unknown error". I'm not sure if either of these are supposed to hit the mail server, but I checked the mail server log, and its not being touched...and I know my mail server settings are right, so the problem must be somewhere else. Any help would be appreciated!


Hi,

Im also getting the same error.
I have a question for you.
did you succed to create the solution file from the source code. I f yes can you help me please I seems that it is missing the UserListEventHandlers.dll file.

Thank in advance
Apr 27, 2007 at 10:57 PM
I'm afraid I was using the runtime binary for the solution file, so I didn'thave to compile it at all. Sorry I can't be of much help there.

In any case, I could sure use help on the 401 and user add errors. Another note, is that I found no associated failure audits in the windows security event log when I get the 401. Has anyone run into these errors or even have an idea of what else to look at?
Apr 28, 2007 at 2:33 AM

lightwave wrote:
I'm afraid I was using the runtime binary for the solution file, so I didn'thave to compile it at all. Sorry I can't be of much help there.

In any case, I could sure use help on the 401 and user add errors. Another note, is that I found no associated failure audits in the windows security event log when I get the 401. Has anyone run into these errors or even have an idea of what else to look at?


If you are using Integrated Security the App Pool User will need to have access to your SQL User Store.
To do this open up the database in SQL Server Management Studio and under the security folder right click and select ‘New User’.
Enter the user that the application pool is running under and under roles check ‘aspnetMembershipFullAccess’.
Apr 30, 2007 at 6:15 PM
Thanks for the reply. I verified that the user has SQL access. I even went so far as to give him the DBO role to test. I can tell the access works, because the sharepoint app does read and write some data to the database, even though it isn't really working properly. Any other ideas?
Apr 30, 2007 at 9:52 PM

lightwave wrote:
Thanks for the reply. I verified that the user has SQL access. I even went so far as to give him the DBO role to test. I can tell the access works, because the sharepoint app does read and write some data to the database, even though it isn't really working properly. Any other ideas?


Are you sure that you have configured anonymous access correctly? You need to make sure that FBA is working correctly before deploying the feature. If that still doesn't work you may need to wait for the new version which isnt far away.
May 1, 2007 at 2:12 PM
I think I have anonymous access right. I have multiple sites in my site collection. Those enabled for anonymous access are visible without login, while those that are not enabled cannot be accessed. When I attempt to register as a new user, I'm doing so anonymously.
May 26, 2007 at 6:24 PM
I'm experiencing a similar issue. I can add a new user, but was receiving an access denied error. I discovered that the mail settings in the web.config in the root of the site were not specified. After adding the smtp settings, I'm receiving a file not found error instead of access denied.

I've also updated the mail configuration settings in the _layouts/UserAdmin/web.config but the file not found error is still happening.
May 28, 2007 at 5:25 PM
In my case, I get this error when I am trying to access the home page. After then I have to refresh the page , to get it work.
The source code provided is not in sync with the binary , and we are about to go to production, so any help is appreciated.
Jun 7, 2007 at 1:02 AM
Interesting ... I was having a very similar issue with one of my development SharePoint sites configured for forms authentication on a server that does not have this Custom Forms Authentication Feature installed. In my case, I'd get the 401 UNAUTHORIZED error when ever I opened the home page of the site (the home page is configured to allow anonymous access). And in this case I was coming in as an anonymous user. When I refreshed the page, it would come up just fine (showing "Sign In") in the upper right corner. This was a site that I have not used in a while, so there's not been much change to it and it just started this behavior. I have this page set as my home page, so I could reproduce every time simply by closing the browser and reopening it (I'd see the 401 error page, then refresh to see the actual page). Very strange behavior indeed!

My initial solution was to sign in to the site with "Sign me in automatically" checked. I confirmed that this was working, and the 401 error was gone by closing and reopening the browser multiple times. Then I selected "Sign Out" under "Welcome Roy". Now the problem is totally gone and I can no longer reproduce it .... until I do an IISRESET after which the problem is back!

I'm thinking this issue is not related to this authentication feature, but something else within SharePoint.

Roy
Jun 7, 2007 at 1:57 AM
Update ...

I have now found that I had customized the masterpage and it was checked in and this is what was changed from when the site was working fine. So when I reverted back to the uncustomized masterpage, the problem went away ... even after doing an IISRESET! With an uncustomized masterpage, I can not reproduce the problem and no longer get the 401 UNAUTHORIZED page.

Now when I customize the default.master and check it in (I just added a couple spaces), the problem is back.

So, while it's now a bit late in the day for me to check out the issue further, I'm quite sure it's related to the anonymous user and database access.

If those of you having this issue have customized your masterpage in SharePoint Designer (or your content page could do the same thing I presume), the problem is probably related to your customization ... and most likely database access rights since the customized page is pulled from the database on first hit. (This explains why, once it works, it continues to work until an IISRESET since customized pages are cached ... it doesn't explain, however, why the anonymous user can do a refresh and see the page ... hmmmm).

Hope this helps!

Roy
Jun 12, 2007 at 9:37 PM
Edited Jun 12, 2007 at 9:40 PM
Nice info Roy.
I also tested the following conditions also cause the 401 error(in which cases refresh solves the problem).
  • iisreset
  • application pool recycle(manually recycled for testing)
  • masterpage change
  • web.config change

I just wonder what may be the problem...


This is the event log message for the problem. Check this;
Exception information:
Exception type: HttpException
Exception message: Cannot redirect after HTTP headers have been sent.

I also used fiddler to sniff the http traffic but I did not get any redirect headers, even though I get the above event log warning.

Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 12.06.2007 23:29:21
Event time (UTC): 12.06.2007 20:29:21
Event ID: faf71065a873489faeaaa1f6d6890e99
Event sequence: 3
Event occurrence: 1
Event detail code: 0

Application information:
Application domain: /LM/W3SVC/58614478/Root-1-128261537563751250
Trust level: WSS_Custom
Application Virtual Path: /
Application Path: C:\Inetpub\wwwroot\wss\VirtualDirectories\8080\
Machine name: VMTEST1

Process information:
Process ID: 3784
Process name: w3wp.exe
Account name: DOMAIN\wss3

Exception information:
Exception type: HttpException
Exception message: Cannot redirect after HTTP headers have been sent.

Request information:
Request URL: http://vmtest1:8080/default.aspx
Request path: /default.aspx
User host address: 127.0.0.1
User:
Is authenticated: False
Authentication Type:
Thread account name: DOMAIN\wss3

Thread information:
Thread ID: 1
Thread account name: DOMAIN\wss3
Is impersonating: True
Stack trace: at System.Web.HttpResponse.Redirect(String url, Boolean endResponse)
at System.Web.Security.FormsAuthenticationModule.OnLeave(Object source, EventArgs eventArgs)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Jun 12, 2007 at 10:17 PM
I could not find any permission issue at the database level (which is where I expected the problem). I'm now thinking that this 401 UNAUTHORIZED issue is a SharePoint WSS v3 bug.

I'll solve the issue by not making any modifications to master pages with SharePoint Designer, but instead will deploy them as a feature (or directly to the file system) so there are never any "customized" versions being pulled from the database. Seems MOSS has a similar problem, but the issue dissapears once the masterpage has been checked-in and approved ... so it's not as big an issue in MOSS as it is in plain WSS v3. (The issue appears in MOSS if the masterpage mods have been checked-in, but not yet approved.)

Roy
Jun 14, 2007 at 3:35 PM
I too am having this issue, but only then the computer is behind an Endian 2.1 Firewall.
I have tried two test and both end up failing when the internet traffic goes through the firewall.
I have set up two WSS 3.o servers, one on each side of the firewall. When accessing the sites from the network they are on WSS always lets me log in, but when going through the firewall both sites give me the 401 error.
I have anonymous settings turned on for both sites and will do some further testing in a little.
Has anyone figure this out yet?
Jun 14, 2007 at 10:50 PM
For my case,
I have this issue only for the default.aspx page. The other pages never give this error, even after mastepage, iisreset or the cases I have told about.
Jun 28, 2007 at 6:03 PM
Well I found a somewhat dirty workaround for my case.
I noticed that only browsing default.aspx in the root web folder caused the problem. I copied default.aspx to a document library and changed global.asax for the internet zone website. In global.asax I intercepted the BeginRequest and redirected /default.aspx to /customdoclib/default.aspx.

I know this is just a workaround but it may be helpful, I can copy the code if someone likes to see, but it is trivial I guess.
Apr 25, 2008 at 5:36 PM
Hi all,
Just read these posts from last year. Any solutions uncovered for this "bug" since then?. In my case, I have a customized Masterpage but only my default.aspx page in the root seems to pop the 401 error for anonymous users. A refresh then loads the page fine.

Thanks for any info on this!!



Apr 25, 2008 at 9:35 PM
Well, where I ended up was creating a new site and replacing the file system core.css with my customized styles for the custom masterpage, all which worked. Fortunately for me I did all my customization to the styles, ot the master.page. But this remains a bug, IMHO, since I think you should be able to customize a masterpage and or styles for the root default.aspx in SP Designer and still have that work with anonymous access.
Jun 16, 2008 at 7:05 PM


jackinthegreen wrote:
Well, where I ended up was creating a new site and replacing the file system core.css with my customized styles for the custom masterpage, all which worked. Fortunately for me I did all my customization to the styles, ot the master.page. But this remains a bug, IMHO, since I think you should be able to customize a masterpage and or styles for the root default.aspx in SP Designer and still have that work with anonymous access.



Jun 16, 2008 at 7:12 PM
Hello,

I have experienced the very same issue and i have found a solution for it, i think this may help
In the web.config, in the <compilation section>

change this line:
<compilation debug="true" batch="true">
to this:
<compilation debug="true" batch="false">

Best Regards,
Ahmed Hamed

Jul 3, 2008 at 1:46 PM
I found the problem was in how I customized simple.master. It worked fine for one site but not another.
I think it is has problems accessing the location of some images or the css file.
I am going to try to placing the needed files somewhere else or take a different approach.
Damon Armstrong has a nice article providing a couple different options:
http://www.simple-talk.com/dotnet/.net-tools/customizing-the-login-page-in-sharepoint-2007/

Thanks,
-Bill

Nov 18, 2008 at 5:32 AM
Not having any minor version after the last major version of master page reduced the frequency of occurance. Web Application I have is extended to another IIS with FBA & anonymous enabled and that site had no issues with FPD customized master page. I played with the caching configurations but that was not helpful. What finally fixed it is <compilation batch="false" debug="false" /> finally fixed it.

Aamir Qureshi
Oct 30, 2009 at 10:56 PM

This probably has more to do with the master pages that have been uploaded and approved on the site.  Even though you created a new master page and applied it you have to go through SharePoint web admin to approve it on teh site.  You can do this by accessing Site Settings, Galleries/Master pages.  From there you should see the name of teh master page file.  If you click on it you can publish it to a major version.  Once it is published you then approve it.  This should fix the problem.