This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

"You are not authorized to view this page"

  • 4 replies
  • 34 have this problem
  • 1 view
  • Last reply by Bob R

more options

Today (June 11, 2014) Firefox got an update (30.0) and after this I can not longer log in (with username and password) on this page: https://portal.skolen.oslo.no. I can log on via Safari, but I prefer Firefox :)

The complete message:


You are not authorized to view this page You do not have permission to view this directory or page using the credentials that you supplied because your Web browser is sending a WWW-Authenticate header field that the Web server is not configured to accept.

Please try the following:

   Contact the Web site administrator if you believe you should be able to view this directory or page.
   Click the Refresh button to try again with different credentials.

HTTP Error 401.2 - Unauthorized: Access is denied due to server configuration. Internet Information Services (IIS)

Technical Information (for support personnel)

   Go to Microsoft Product Support Services and perform a title search for the words HTTP and 401.
   Open IIS Help, which is accessible in IIS Manager (inetmgr), and search for topics titled About Security, Authentication, and About Custom Error Messages.

Do anyone of you have any suggestion to solve this problem?

Anne

Today (June 11, 2014) Firefox got an update (30.0) and after this I can not longer log in (with username and password) on this page: https://portal.skolen.oslo.no. I can log on via Safari, but I prefer Firefox :) The complete message: ------ You are not authorized to view this page You do not have permission to view this directory or page using the credentials that you supplied because your Web browser is sending a WWW-Authenticate header field that the Web server is not configured to accept. Please try the following: Contact the Web site administrator if you believe you should be able to view this directory or page. Click the Refresh button to try again with different credentials. HTTP Error 401.2 - Unauthorized: Access is denied due to server configuration. Internet Information Services (IIS) Technical Information (for support personnel) Go to Microsoft Product Support Services and perform a title search for the words HTTP and 401. Open IIS Help, which is accessible in IIS Manager (inetmgr), and search for topics titled About Security, Authentication, and About Custom Error Messages. -------- Do anyone of you have any suggestion to solve this problem? Anne

Chosen solution

Oh, hang on, there was a change. The"NTLM" authentication method used by some Microsoft web servers is less secure on Mac than on Windows. Starting in Firefox 30, that older generation method is disabled as being too insecure.

To connect using that method, you need to re-enable support under the covers. See:

For background:

The workaround:

(1) In a new tab, type or paste about:config in the address bar and press Enter. Click the button promising to be careful.

(2) In the search box above the list, type or paste ntlm and pause while the list is filtered

(3) Double-click the network.negotiate-auth.allow-insecure-ntlm-v1 preference to switch it from false to true

I have not tested this myself (this preference does not exist on Windows), and am not fully aware of the security implications.

Does this seem to help?

Read this answer in context 👍 49

All Replies (4)

more options

I'm not sure whether you have tried the "usual" things:

When you have a problem with one particular site, a good "first thing to try" is clearing your Firefox cache and deleting your saved cookies for the site.

(1) Bypass Firefox's Cache

Use Command+Shift+r to reload the page fresh from the server.

Alternately, you also can clear Firefox's cache completely using:

  • "3-bar" menu button (or Tools menu) > Options > Advanced
  • Firefox menu > Preferences > Advanced

On the Network mini-tab > Cached Web Content : "Clear Now"

If you have a large hard drive, this might take a few minutes.

(2) Remove the site's cookies (save any pending work first). While viewing a page on the site, try either:

  • right-click and choose View Page Info > Security > "View Cookies"
  • classic Tools menu > Page Info > Security > "View Cookies"

In the dialog that opens, you can remove the site's cookies individually.

Then try reloading the page. Does that help?


In case one of your extensions is involved, could you test the page in Firefox's Safe Mode? That's a standard diagnostic tool to deactivate extensions and some advanced features of Firefox. More info: Diagnose Firefox issues using Troubleshoot Mode.

You can restart Firefox in Safe Mode using either:

  • "3-bar" menu button > "?" button > Restart with Add-ons Disabled
  • Help menu > Restart with Add-ons Disabled

Not all add-ons are disabled: Flash and other plugins still run

After Firefox shuts down, a small dialog should appear. Click "Start in Safe Mode" (not Reset).

Any difference?

more options

Chosen Solution

Oh, hang on, there was a change. The"NTLM" authentication method used by some Microsoft web servers is less secure on Mac than on Windows. Starting in Firefox 30, that older generation method is disabled as being too insecure.

To connect using that method, you need to re-enable support under the covers. See:

For background:

The workaround:

(1) In a new tab, type or paste about:config in the address bar and press Enter. Click the button promising to be careful.

(2) In the search box above the list, type or paste ntlm and pause while the list is filtered

(3) Double-click the network.negotiate-auth.allow-insecure-ntlm-v1 preference to switch it from false to true

I have not tested this myself (this preference does not exist on Windows), and am not fully aware of the security implications.

Does this seem to help?

more options

Thank you!!! The workaround worked perfect :)

Anne

more options

Thank you, jscher2000, that fixed it for me too.

I agree that there can be security implications. I just hope that, while I am "out and about" my laptop doesn't try to connect to a spoofed version of an internal-to-my-company server.......