MOSS Forum

Ask Question   UnAnswered
Home » Forum » MOSS       RSS Feeds

Security Issue on default page

  Asked By: Pankaj    Date: May 10    Category: MOSS    Views: 1115

I have an issue where I go to the root site and of MOSS 2007 and
access http://hostname and we receive a "You are not authorized to
view this page."

If I go to a site under that
http:///hostname/workgroups/IT/default.aspx I get in fine without

I have compared this site to production and it seems to be the same on
the surface.

Any Ideas?



2 Answers Found

Answer #1    Answered By: Irving Hurley     Answered On: May 10

You can't really tell just from the URLs, but a couple of assumptions and a
couple questions.

1) Do you get the same response if you try to access
<http://hostname/default.aspx>" target="_blank" rel="nofollow">http://hostname/default.aspx>http://hostname/default.aspx or
<http://hostname/pages/default.asps>" target="_blank" rel="nofollow">http://hostname/pages/default.asps>http://hostname/pages/default.asps (if
its a publishing site)? Occasionally IIS doesn't pick up default.aspx as a
default page  to be considered when you just access the hostname with no page
specified. You can fix this by adding default.aspx to the list of default
pages in the properties of the website in IIS.

2) Assuming that workgroups is a managed path instead of a child site.
IT would be the top level site  of a different site collection. Since Site
collections are security  boundaries you wouldn't have rights in hostname
just because you do in hostname/workgroups/IT. If you aren't the site
collection owner of the root  then you may not have rights there and MOSS is
responding appropriately.

3) Someone may have switched the Root managed path from being an
Included managed path to being a Wildcard Included managed path. If the
root is a Wildcard managed path you won't be able to login to the root, only
to a named site collection in the root. Although I believe this gives a
page not found error rather than a "You are not authorized error."

Answer #2    Answered By: Lalit Bhattacharya     Answered On: May 10

Do you have an Alternate Access Mapping set for all the URLs you're
using? I've seen the lack of an AAM cause weird issues if you leave
default.aspx off.

Didn't find what you were looking for? Find more on Security Issue on default page Or get search suggestion and latest updates.