JavaEar 专注于收集分享传播有价值的技术资料

Unauthorized on site root

I've configured forms authentication for ASP.NET 4.0 application.

Login/logout is working, but when I'm logged in I can't access the site root (~/) page. When I'm going to this url in browser I'm getting 401.2 error (Unathorised).

Error message: You are not authorized to view this page due to invalid authentication headers.

Other pages are accessed fine.

When I'm logged out site root could be accessed and redirects to login page (which is correct behavior)

Did anyone faced such issue?


  1. The problem was related that <authorization> section was located inside system.webServer section of web.config, as a result it was applied to web server authorization rules, but not website.

    The correct location of authorization section should be of course system.web