Failed to authenticate
Has anyone else seen the following entries in their Sitefinity Error logs? I am getting A LOT of them lately.
----------------------------------------
Timestamp: 12/10/2011 1:18:05 PM
Message: HandlingInstanceID: 1caae657-25e6-4444-bee2-bc5c5a21e08a
An exception of type 'System.Web.HttpException' occurred and was caught.
------------------------------------------------------------------------
12/10/2011 07:18:05
Type : System.Web.HttpException, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
Message : Failed to authenticate. Reason: Unknown
Source : Telerik.Sitefinity
Help link :
WebEventCode : 0
ErrorCode : -2147467259
Data : System.Collections.ListDictionaryInternal
TargetSite : Boolean IsBasicAuthenticaton(System.Web.HttpContextBase)
Stack Trace : at Telerik.Sitefinity.Security.SecurityManager.IsBasicAuthenticaton(HttpContextBase context)
at Telerik.Sitefinity.Security.SecurityManager.AuthenticateRequest(HttpContextBase context)
at Telerik.Sitefinity.Web.SitefinityHttpModule.Context_AuthenticateRequest(Object sender, EventArgs e)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Additional Info:
MachineName : DMZDISTWEB
TimeStamp : 12/10/2011 1:18:05 PM
FullName : Telerik.Sitefinity.Utilities, Version=4.3.1873.0, Culture=neutral, PublicKeyToken=b28c218413bdf563
AppDomainName : /LM/W3SVC/2/ROOT-1-129679884028874850
ThreadIdentity :
WindowsIdentity : NT AUTHORITY\NETWORK SERVICE
Requested URL : http://wwwbeta.fortbendisd.com/
Category: ErrorLog
Priority: 0
EventId: 90000
Severity: Error
Title:Enterprise Library Exception Handling
Machine: DMZDISTWEB
App Domain: /LM/W3SVC/2/ROOT-1-129679884028874850
ProcessId: 7048
Process Name: C:\Windows\SysWOW64\inetsrv\w3wp.exe
Thread Name:
Win32 ThreadId:5568
Extended Properties:
----------------------------------------
Hello Anthony,
This happens if the a user had tried to authenticate but it wasn't validated. Inside
SecurityManager.AuthenticateUser(string membershipProviderName, string userName, string password, bool persistent, out User user) we get the user object with UserManager.GetUser(username) and then validate the user with the password supplied as a parameter.
The validation fails if
- the user object is null
-the username/password combination is not valid.
Best wishes,
Ivan Dimitrov
the Telerik team
Hi Ivan
I've just upgraded our site to v4.4 and we have started to receive a lot of these errors. One of our SEO Tools is unable to access the site due to 403 errors. The Sitefinity log displays an error the same as in Anthony's post above. Why is it checking BasicAuthentication? This is not enabled on the server or the site.
Thanks
Ryan
Is anyone else experiencing this? It appears to be search engine spiders and bots that are getting these errors, which is obviously bad for our SEO.
Hi,
Yes, we make a check if(!IsBasicAuthenticaton(context)), so during the check we get inside this method. We look for context.Request.Headers["Authorization"]. Most probably when you run the crawler you use this header is not presented in the headers collection.
Do you have issues browsing the website or have you received some reports from website visitors?
All the best,
Ivan Dimitrov
the Telerik team