You are not authorized to view this page HTTP Error 403 - Forbidden

T

Tony Girgenti

Hello.

I developed and tested a web application using VS.NET 2003, VB, .NET
Framework 1.1.4322, ASP.NET 1.1.4322 and IIS5.1. It uses a web form.

Development testing works fine on my development computer, but when i take
the files to another computer and install them using the deployment project
files, when i go to execute it on the different computer, it gives the error
"You are not authorized to view this page. HTTP Error 403 - Forbidden.

I am logged on the computer as Administrator.

I gave all of the following full permissions to the wwwroot folder:
Administrastor
Administrators Group
IUSR
System
Network
ASP.NET user

Any help would be gratefully appreciated.

Thanks,
Tony
 
G

Gaurav Vaish \(www.EduJiniOnline.com\)

I am logged on the computer as Administrator.
I gave all of the following full permissions to the wwwroot folder:


Check if Anonymous Access is enabled in IIS.
It's not about folder access but HTTP access :)
 
T

Tony Girgenti

Hello Joe.

By "Anonymous user", do you mean the ANONYMOUS LOGON" group. That's the
only one that i can find with "Anonymous" in it.

Also, what is file system level ACL access ?

Thanks,
Tony

Joe Kaplan said:
Does the anonymous user have file system level ACL access to the files?
That can cause this problem as well.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
 
J

Joe Kaplan

No, when you configure anonymous access in IIS, it actually logs in a fixed
user account, typically named IUSR_MACHINE, that is used for applying
security to the executing web request.

When Windows accesses any securable kernel object like a file or registry
key, it compares the security settings (the ACL) on that object to the
security capabilities of the currently executing thread's security context
and decides whether the requested access is allowed.

In ASP.NET, it sometimes gets confusing whether the anonymous user account
or the web server process account will get used when making these security
decisions. However, you can always ACL your files to allow access to both.

The best way to determine if a file system ACL issue is the problem is to
use filemon. It will tell you all the files that are being accessed, will
tell you if an access denied was triggered, what type of access was
requested that was denied and what account was used that was denied. It
basically tells you exactly how to change the ACL to fix the problem.

Best of luck,

Joe K.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top