Re: Windows Authentications Issues



Can you check that there aren't any other web.config files overriding this
setting?

Even though you've specified <customErrors mode="Off"> the customErrors
setting it still set to "On".

Also, this web.config file is in the root of your web application right? Not
just in any old folder?

Cheers
Ken


"lostdante" <lostdante@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:68EB581E-6B1F-44B0-90BE-ED210D3518A4@xxxxxxxxxxxxxxxx
: Ken,
:
: The error in the browser is:
: Server Error in '/' Application.
: --------------------------------------------------------------------------------
:
: Runtime Error
: Description: An application error occurred on the server. The current
custom
: error settings for this application prevent the details of the application
: error from being viewed remotely (for security reasons). It could,
however,
: be viewed by browsers running on the local server machine.
:
: Details: To enable the details of this specific error message to be
viewable
: on remote machines, please create a <customErrors> tag within a
"web.config"
: configuration file located in the root directory of the current web
: application. This <customErrors> tag should then have its "mode" attribute
: set to "Off".
:
:
: <!-- Web.Config Configuration File -->
:
: <configuration>
: <system.web>
: <customErrors mode="Off"/>
: </system.web>
: </configuration>
:
:
: Notes: The current error page you are seeing can be replaced by a custom
: error page by modifying the "defaultRedirect" attribute of the
application's
: <customErrors> configuration tag to point to a custom error page URL.
:
:
: <!-- Web.Config Configuration File -->
:
: <configuration>
: <system.web>
: <customErrors mode="RemoteOnly"
defaultRedirect="mycustompage.htm"/>
: </system.web>
: </configuration>
:
:
: The settings in the web.config file are:
: <?xml version="1.0" encoding="utf-8" ?>
: <configuration>
:
: <system.web>
:
: <!-- DYNAMIC DEBUG COMPILATION
: Set compilation debug="true" to insert debugging symbols (.pdb
: information)
: into the compiled page. Because this creates a larger file that
: executes
: more slowly, you should set this value to true only when
debugging
: and to
: false at all other times. For more information, refer to the
: documentation about
: debugging ASP.NET files.
: -->
: <compilation defaultLanguage="vb" debug="true" />
: <identity impersonate="true"/>
: <!-- CUSTOM ERROR MESSAGES
: Set customErrors mode="On" or "RemoteOnly" to enable custom error
: messages, "Off" to disable.
: Add <error> tags for each of the errors you want to handle.
:
: "On" Always display custom (friendly) messages.
: "Off" Always display detailed ASP.NET error information.
: "RemoteOnly" Display custom (friendly) messages only to users not
: running
: on the local Web server. This setting is recommended for
security
: purposes, so
: that you do not display application detail information to remote
: clients.
: -->
: <customErrors mode="Off" />
:
: <!-- AUTHENTICATION
: This section sets the authentication policies of the application.
: Possible modes are "Windows",
: "Forms", "Passport" and "None"
:
: "None" No authentication is performed.
: "Windows" IIS performs authentication (Basic, Digest, or
: Integrated Windows) according to
: its settings for the application. Anonymous access must be
: disabled in IIS.
: "Forms" You provide a custom form (Web page) for users to enter
: their credentials, and then
: you authenticate them in your application. A user credential
: token is stored in a cookie.
: "Passport" Authentication is performed via a centralized
: authentication service provided
: by Microsoft that offers a single logon and core profile
services
: for member sites.
: -->
: <authentication mode="Windows" />
:
:
: <!-- AUTHORIZATION
: This section sets the authorization policies of the application.
: You can allow or deny access
: to application resources by user or role. Wildcards: "*" mean
: everyone, "?" means anonymous
: (unauthenticated) users.
: -->
: <authorization>
: <allow users="*" /> <!-- Allow all users -->
:
: <!-- <allow users="[comma separated list of users]"
: roles="[comma separated list of roles]"/>
: <deny users="[comma separated list of users]"
: roles="[comma separated list of roles]"/>
: -->
: </authorization>
:
: <!-- APPLICATION-LEVEL TRACE LOGGING
: Application-level tracing enables trace log output for every page
: within an application.
: Set trace enabled="true" to enable application trace logging. If
: pageOutput="true", the
: trace information will be displayed at the bottom of each page.
: Otherwise, you can view the
: application trace log by browsing the "trace.axd" page from your
: web application
: root.
: -->
: <trace enabled="false" requestLimit="10" pageOutput="false"
: traceMode="SortByTime" localOnly="true" />
:
:
: <!-- SESSION STATE SETTINGS
: By default ASP.NET uses cookies to identify which requests belong
: to a particular session.
: If cookies are not available, a session can be tracked by adding
a
: session identifier to the URL.
: To disable cookies, set sessionState cookieless="true".
: -->
: <sessionState
: mode="InProc"
: stateConnectionString="tcpip=127.0.0.1:42424"
: sqlConnectionString="data
source=127.0.0.1;Trusted_Connection=yes"
: cookieless="false"
: timeout="20"
: />
:
: <!-- GLOBALIZATION
: This section sets the globalization settings of the application.
: -->
: <globalization requestEncoding="utf-8" responseEncoding="utf-8" />
:
: </system.web>
:
: </configuration>
:
: Thanks
:
:
: "Ken Schaefer" wrote:
:
: > What exactly have you set in your web.config? By default on a generic
error
: > page is shown to remote users...
: >
: > What is the exact error you are seeing in your browser?
: >
: > Cheers
: > Ken
: >
: >
: > "lostdante" <lostdante@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
: > news:3C589173-764F-45D1-B2A6-85F4731252B9@xxxxxxxxxxxxxxxx
: > : Thanks for the reply.
: > :
: > : I've already turned the friendly http errors off. I've also set the
: > : web.config file to display details asp errors but this is failing so
i'm
: > : having to look at the error codes in the log (500).
: > :
: > : The aspx page loads fine if i have the 'Users' group added in the
: > : permissions and only fails when this group is removed. Without the
users
: > : group i can only view .htm and .asp pages no apsx. I've added the
aspnet
: > user
: > : to the group but atill the aspx pages aren't displayed.....
: > :
: > :
: > :
: > : "Urban Andersson" wrote:
: > :
: > : > I seems that you have a problem with your aspx page. Turn of
friendly
: > http
: > : > error on your IE(Tools/Internet options.../Advance/Show friendly
http
: > : > errors) and you will get a more detailed description of the problem.
: > : >
: > : >
: > : > "lostdante" <lostdante@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
: > : > news:ABB63BBE-AF78-4A00-B523-FAC0D51127EB@xxxxxxxxxxxxxxxx
: > : > > Hi,
: > : > >
: > : > > New to the group and need some help. I've set up a new web site on
our
: > : > > server and want to limit access to the site to a selection of
users
: > with
: > : > > windows account son the server.
: > : > >
: > : > > I've set the site to windows authentication, removed the 'Users'
group
: > : > > from
: > : > > the permissions for the site in IIS and added a new group 'test'
that
: > : > > includes my selected users. I've ensured that the new 'Test' group
has
: > : > > rights
: > : > > on the folders. I can log on to the sit ok and view .htm files,
but am
: > : > > unable
: > : > > to view aspx files. When I look in the logs I see 500 errors.
: > : > >
: > : > > Any ideas?
: > : >
: > : >
: > : >
: >
: >
: >


.