Monday, February 2, 2009

Web Application Stress Tool - 401 Unauthorized Errors

Problem I'm using the Microsoft Web Application Stress Tool.  It's meant to hit a web page repeatedly for testing purposes.  However, when I check the results, they were all "401 - Unauthorised".
Explanation

It turns out that if anonymous access is disabled on the web site you are accessing due to the way IIS evaluates authentication, this behavior is expected. In Operations Manager, the default evaluation for a Web Application is to generate a Critical Alert if an HTTP return code of 400 or anything above comes back. In IIS, even if anonymous authentication is disabled for the site, it is still evaluated and will always return a 401. The aggregated results (The outcome) will succeed but the 401 return code will cause the test to fail...

Solution

The simplest fix (for development and testing purposes) is to enable anonymous access to the site.

No comments:

Post a Comment