Web Farm server 401 error

Yang Wen asked on November 9, 2015 16:57

Our 2 instance Kentico environment is configured with Windows Authentication enabled for the entire site. User must present a valid AD token in order to access any of the site.

This configuration appears to inherent conflict with the web farm feature. When performing "Check Server Availability" in the Web Farm -> Servers tab, Kentico makes a simple GET request to the server's root URL, such as the raw request example below.

GET http://servername/ HTTP/1.1
Host: servername
Connection: Keep-Alive

This request obviously lacks any sort of authentication header, which is required due to the windows authentication setting enabled in Kentico. This request results in "servername" returning 401 - unauthorized error. As a result, I see a lot of webfarm 401 errors in events log.

Googling for Kentico documentation for our configuration comes up nothing. HOwever I don't believe our have an atypical configuration. Any idea how to resolve this? THanks

Recent Answers

David te Kloese answered on November 10, 2015 11:34

Hi,

I'm not sure Webfarm logic can be upated (easily) with AD authentication. But you could just exclude de webfarm files from your AD logic.

For this you need to place a web.config file in the directory you want to exclude. The webfarm uses the CMSPages/WebfarmUpdater.aspx I believe...

Checking this seems there allready is one default in my Kentico instance. Could you check if you have a web.config present in the CMSPages folder? and check if it contains the following:

  <location path="WebFarmUpdater.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

Greets,

David

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.