Blog Post

IIS Support Blog

1 MIN READ

401 Custom Error Page Breaks Windows Authentication

Former Employee

Mar 26, 2021

IIS has an easy way to add custom error pages in IIS Manager. However, using IIS Manager for adding a custom page for 401 status code may cause issues with Windows Authentication. Your website may keep prompting credentials even though you enter the correct username and password.

It is expected for Windows Authentication to be unfunctional if there is a new custom error page for 401 status. As a workaround, I would recommend editing the IIS default error page located at %SystemDrive%\inetpub\custerr\en-US\401.htm

Open this file in notepad and make changes. Then save it as htm file and replace the existing one.

Published Mar 26, 2021

Version 1.0

Nedim

Former Employee

Joined November 26, 2018

View Profile

IIS Support Blog

Follow this blog board to get notified when there's new activity

1 Comment

PVM
Copper Contributor
Dec 21, 2021
I found this post while searching for a similar issue.
The difference in my case was that adding a Custom 401 makes the Windows Authentication prompt never show, and instead the IIS immediately rendered the error page in all situations.

Since our backend runs in PHP I have then tried creating a custom Error page also in PHP, for debugging.
This gave me more tools than a pure HTML page would.
Adding these lines to the start of my custom error page fixed the issue for me:
http_response_code(401);
header('www-authenticate: Basic realm=""');
Essentially, this makes sure my custom error page also returns HTTP status 401 (like the default pages do),
and it clears the IIS Authentication Header, which will then allow the prompt to return on page reload.

Hope this can help someone 🙂