4

Background: I support a classic ASP environment. I have a development setup locally on my machine as part of that support. I am running IIS7.

To access my environment, I use "http://localhost:99999/" (port # faked for privacy purposes). I have not had a problem with this -- until today.

I built an application that is intended to run in this environment. The app is ASP.NET v.4.0 (for sake of example, I'll say it's called "http://localhost:99999/DotNetApp/"). Of course, in order to run this, I had to set up my environment application pool to support it (which it now does).

Problem: after configuring this, I am now getting:

Server Error in '/' Application.

Access is denied. Description: An error occurred while accessing the resources required to serve this request. You might not have permission to view the requested resources.

Error message 401.3: You do not have permission to view this directory or page using the credentials you supplied (access denied due to Access Control Lists). Ask the Web server's administrator to give you access to '[filepath]\SourceFiles'.

I did NOT get this before I set my IIS configuration. Why am I getting this now?

Note: this ONLY happens with "http://localhost:99999/"; this does NOT happen if I try "http://localhost:99999/default.asp" (the page comes up with no problem).

Anyone have any insight?

Thanks in advance . . .

Edit: Additional symptoms: I tried playing with the application pool settings. The problem goes away if I change the .NET Framework version to either 2.0.50727 or to "No Managed Code." Changing it to 4.0.31319 breaks it. Of course, if I use any of the other two versions, my ASP.NET app won't run.

Edit #2: This problem occurs on ALL links that go to a folder or directory (e.g. "http://localhost:99999/somefolder/"), not just the web root.

Edit #3: I have a workaround: set "http://localhost:99999/" and "http://localhost:99999/DotNetApp/" in separate application pools. The first runs in .NET 2.0, while the latter runs .NET 4.0. (I'll post this as an answer once my 8 hour limit is up.) Probably not the best answer -- I'd prefer something that isn't as much of a kludge -- but for the time being, it'll get the job done. However, if anyone has a solution that enables me to run everything in the same app pool, by all means, post away!

Ray K.
  • 2,431
  • 3
  • 25
  • 39
  • Did default.asp get removed from your Default Document list in IIS, so it is trying to list the directory (which isn't allowed)? – vcsjones May 23 '12 at 14:40
  • That was the first thing I checked, and it was there. – Ray K. May 23 '12 at 14:49
  • Are you assigning the .NET app a seperate application pool from the classic ASP apps? – Snuffleupagus May 23 '12 at 15:22
  • Forget about the default document, go straight to the ASP page itself. Can you get an ASP page to render by hitting http://localhost:99999/DotNetApp/default.asp or what ever your page name is? – Nick Bork May 23 '12 at 15:23
  • That is not an answer. I have to be able to support customers who go to "http://www.website.com". If this issue breaks the site, then it is not acceptable. Besides, my app under DotNetApp is default.aspx, not default.asp. – Ray K. May 23 '12 at 15:26
  • I'm not saying it is your solution but I'm telling you to skip the default document, worry only about getting an ASP page to render when you go directly to it. When you type the full URL to the page does it execute? – Nick Bork May 23 '12 at 15:27
  • You're missing the point. The problem is NOT with my .net app; the problem is with my web root. Because the app is .net 4.0, it bombs if I use any other version, but .net 4.0 also breaks my web root. – Ray K. May 23 '12 at 15:30
  • 1
    Did you try http://forums.iis.net/t/1177076.aspx – Nick Bork May 23 '12 at 15:35
  • Okay, this might have some promise. Sounds very similar to what I'm experiencing, although they mention 404's, not 401's. Let me digest what they have there and see how it goes. – Ray K. May 23 '12 at 15:40

3 Answers3

4

You probably must specify "default.asp" as allowed in your "Default Document" settings in IIS7

EDIT: Check if ASP has been installed: Control Panel -> Programs and features -> Windows Features -> Internet Information Services -> Www services ->Application Development Features-> ASP

enter image description here

EDIT Final solution: The IUSR account is missing from the folder the website is in.

Hendrik Beenker
  • 1,120
  • 5
  • 17
  • That was the first thing I checked, and it was there. I even moved it to the top of the priority order. Nothing doing. – Ray K. May 23 '12 at 14:46
  • Have you enabled **ASPClassic** in the Handler Mappings settings in IIS7? – Hendrik Beenker May 23 '12 at 14:52
  • 1
    Yes, just checked it. It's enabled. – Ray K. May 23 '12 at 14:55
  • Also, I tried changing the path type to "File Or Folder." That didn't work, either. – Ray K. May 23 '12 at 14:57
  • Yeah, checked that too (making sure ASP was installed, that is). Nope, that wasn't it, either. – Ray K. May 23 '12 at 15:05
  • Breaking news: it only happens with .NET 4.0 (see my edit in my original question). – Ray K. May 23 '12 at 15:15
  • I am really trying to reproduce your error, but I can't get it to happen. All else that's left is checking security rights. Especially the IUSR account. Do basic HTML pages work? and a basic "Hello World" apsx page? – Hendrik Beenker May 23 '12 at 15:34
  • Yes, basic pages work; those are not a problem. I just tried some other links, and it's a problem with ALL links that only specify just the folder, not the folder/default.asp. – Ray K. May 23 '12 at 15:44
  • What happens when you enable the directory browsing? – Hendrik Beenker May 23 '12 at 17:38
  • No change. Still getting a 401 error, even with directory browsing enabled. – Ray K. May 23 '12 at 17:52
  • 2
    Ah! I think I have been able to reproduce your issue. I removed the IUSR account using "Edit Permissions". Then I got exactly your error. So, check that one for me. – Hendrik Beenker May 23 '12 at 18:15
  • Guess what? There isn't one! Since it's my own development machine, I didn't think to put one in! – Ray K. May 23 '12 at 18:35
  • Lo and behold -- I checked Authentication. ASP.NET Impersonation was disabled. I enabled it. Problem solved! Thanks for your help! – Ray K. May 23 '12 at 18:44
  • 1
    Adding the IUSR account back to that folder fixed the problem for me too. – Andy Oct 12 '12 at 14:36
1

Set the default page for your site in IIS.

Kapil Khandelwal
  • 15,958
  • 2
  • 45
  • 52
0

Try to set permission "Everyone" for directory "[filepath]\SourceFiles/" or/and "Allow" for other user names and groups in folder properties.

Ilya Shpakovsky
  • 281
  • 1
  • 3
  • 16