IIS : WW-Authenticate header field that the Web server

Published by

Posted on February 08, 2010

full Error

You are not authorized to view this page

You do not have permission to view this directory or page using the credentials that you supplied because your Web browser is sending a WWW-Authenticate header field that the Web server is not configured to accept.

Please try the following:
Contact the Web site administrator if you believe you should be able to view this directory or page.
Click the Refresh button to try again with different credentials.

HTTP Error 401.2 – Unauthorized: Access is denied due to server configuration. Internet Information Services (IIS)

Technical Information (for support personnel)
Go to Microsoft Product Support Services and perform a title search for the words HTTP and 401.
Open IIS Help, which is accessible in IIS Manager (inetmgr), and search for topics titled About Security, Authentication, and About Custom Error Messages.


Fix :

you will need to change the authenication method to basic instead of Integrated authentication. This mostly effects older browsers.

There is a slight draw back to this .With basic , the login details will be sent in plan text..

M$ words
Common reasons
No authentication protocol (including anonymous) is selected in IIS. At least one authentication type must be selected. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
253667 Error message: HTTP 401.2 – Unauthorized: Logon failed due to server configuration with no authentication
Only Integrated authentication is enabled, and an older, non-Internet Explorer client browser tries to access the site. This happens because the client browser cannot perform Integrated authentication. To resolve this problem, use one of the following methods:
Configure IIS to accept Basic authentication. This should only occur over SSL for security purposes.
Use a client browser that can perform Integrated authentication. Internet Explorer and new versions of Netscape Navigator and Mozilla Firefox can perform Integrated authentication.
Integrated authentication is through a proxy. This happens because the proxy doesn’t maintain the NTLM-authenticated connection and thus sends an anonymous request from the client to the server. Options to resolve this problem are as follows:
Configure IIS to accept Basic authentication. This should only occur over SSL for security purposes.
Don’t use a proxy.