IIS7.5 WCF服务 - HTTP错误401.3(即使添加IIS_IUSRS)
我们有网站,使用NT AUTHORITY \网络服务。
We have website that uses "NT Authority\Network Service".
Response.Write(WindowsIdentity.GetCurrent().Name);
本网站使用了托管在IIS 7.5 WCF服务。我们得到以下错误,当我们在浏览服务 - HTTP错误401.3 - 未经授权。您没有权限查看该目录,因为访问控制列表(ACL),用于在Web服务器上此资源的配置或加密设置或页面。
The website uses a WCF Service that is hosted in IIS 7.5. We are getting the following error when we browse the service – "HTTP Error 401.3 – Unauthorized. You do not have permissions to view this directory or page because of the access control list (ACL) configuration or encryption settings for this resource on the Web Server."
请注意:我们已经授予读取权限为 IIS_IUSRS 和 IUSR 上的文件夹。
Note: We have already granted Read rights to IIS_IUSRS and IUSR on the folders.
任何想法,我们如何才能解决这个问题?
Any idea, how we can resolve this error?
该服务的应用程序池具有以下细节
The application pool for the service has following details
.NET Framework版本:.NET框架v4.0.30319
.NET Framework version: .NET Framework v4.0.30319
托管管道模式:经典
应用程序以使服务具有以下配置。
The Application for the service has the following configuration
•匿名身份验证:启用
•Windows身份验证:禁用
• Windows Authentication: Disabled
•ASP.NET模拟:禁用
• ASP.NET impersonation: Disabled
•表单验证:禁用
最有可能的就是这个(为了最有可能最少的): 除了启用匿名身份验证的网站,编辑匿名身份验证(通过右键单击),它从特定用户到应用程序池标识更改。
Most likely it is this (in order of most likely to least): Besides enabling Anonymous Authentication for the web site, edit Anonymous Authentication (by right clicking) and change it from a Specific User to Application pool identity.
或
计算机管理(右键点击我的电脑,选择管理) - >本地用户和组 - >用户 - >选择IUSR_MACHINENAME(即IUSR_TOMATO-CLOWNFIS) - >右键点击属性 - >确定它是IIS_WPG和用户和会员没有客人。
Computer Management (right click on my computer and select Manage) --> Local Users and Groups --> Users --> Select IUSR_MACHINENAME (ie,IUSR_TOMATO-CLOWNFIS) --> Right click Properties --> Make sure it is a member of IIS_WPG and users and not Guests.
或
在你的IIS服务器 - >分配的用户名和密码匿名登录有文件夹或资源的物理路径上完全读取权限。 希望这样可以解决问题。
On Your IIS Server -> Assign a USER NAME and PASSWORD to anonymous login which has full read rights on the folder or physical path of resources. Hope this resolves the issue.