[RESOLVED]: Images and css recieve a HTTP Error 401.3 - Unauthorized

Hi,

I am trying to upgrade to NOP 3.4 but run against 'HTTP Error 401.3 - Unauthorized' for images and css on IIS. On localhost is runs with images and css.

So it must be related to file permissions. I have given full control to my application pool identity. If I compare the permissions with the NOP 3.20 folder, they are the same. However, the NOP 3.40 does not want to run.

Any ideas? I am out of options :-(.

J.

RESOLVED 20141016: (see below in this thread). Summary: Edit permissions of the anonymous user --> set it to application pool identity or add this user to the file permissions.

HTTP Error 401.3 - Unauthorized

You do not have permission to view this directory or page because of the access control list (ACL) configuration or encryption settings for this resource on the Web server.



Most likely causes:
•The user authenticated by the Web server does not have permission to open the file on the file system.
•If the resource is located on a Universal Naming Convention (UNC) share, the authenticated user may not have sufficient share and NTFS permissions, or the permissions on the share may not match the permissions on the physical path.
•The file is encrypted.



Things you can try:
•Open File Explorer and check the ACLs for the file that is being requested. Make sure that the user accessing the Web site is not being explicitly denied access, and that they do have permission to open the file.
•Open File Explorer and check the ACLs for the share and the physical path. Ensure that both ACLs allow the user to access the resource.
•Open File Explorer and check the encryption properties for the file that is being requested. (This setting is located in the Advanced attribute properties dialog.)
•Create a tracing rule to track failed requests for this HTTP status code. For more information about creating a tracing rule for failed requests, click here. 



Detailed Error Information:



Module
   IIS Web Core 

Notification
   AuthenticateRequest 

Handler
   StaticFile 

Error Code
   0x80070005 



Requested URL
   http://my-dev.nl:80/content/images/thumbs/myimage.jpeg 

Physical Path
   C:\Users\myname\Source\Workspaces\NopCommerce-dev-v320-v340\Presentation\Nop.Web\content\images\thumbs\myimage.jpeg 

Logon Method
   Anonymous 

Logon User
   Anonymous 




More Information:
The user trying to access the page was successfully logged on, but the user does not have permission to access the resource. This means the access control list (ACL) for the resource either does not include the user or explicitly denies the user. Check the ACL for the resource and add the user to the ACL. If the content is located on a share, ensure both NTFS and share permissions allow the user access. It is also possible that the user is part of a group that is denied access. 
View more information »

Microsoft Knowledge Base Articles:
•907273
•332142

I am also migrating from 3.2 to 3.4, so far everything seems working fine. What kind of server you are using? dedicated, shared, vm, godady ?

Still I believe it's permission issue.

Yes, I also believe it is a permission issue, but where?

IIS Apppool identity is added to the Nop.Web folder.
File permissions are also present

Hi,

I removed all rights and inheritence from the NOP.Web folder. Then on the overall path I reapplied the Owner to Administrator (me) and System, Administrators and my own user with full permissions. Then I added my IIS APPPool\myAppool as full rights user. Then I still had the error.

I went to authentication in IIS and changed (edit option below enable) and changed to IIS pool identity instead of a specific user. Now it works, although images in the catalog till do not show up. I will check that out.

I looks loading of the nop 3.4 site looks a bit slower now. But can be my impression.

J.

Resolved: seemed those images are not copied from production to my development. So changing anonymous user to application pool identity did the trick.