question

CosminStirbu-1831 avatar image
1 Vote"
CosminStirbu-1831 asked CosminStirbu-1831 commented

Azure App Service AlwaysOn Request - 401 Unauthorized

Hello,

I have an Azure App Service (a ASP.NET Core 5 Web API) that has Always On set to true.
I noticed however in the IIIS logs that the Always On request performed every 5 minutes on the root URL receives a 401 Unauthorized:

 #Software: Microsoft Internet Information Services 8.0
 #Fields: date time s-sitename cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Cookie) cs(Referer) cs-host sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
 2021-11-02 06:53:12 MY-API-DEV-APP GET / X-ARR-LOG-ID=fff28b17-7e6f-4150-ab1e-9fa594f283e8 80 - 127.0.0.1 AlwaysOn ARRAffinity=a12d7eecbf2f9c32ace9bad91b055b759e4e2fdbe58b5717d0f872881913dfd0 - my-api-dev-app.azurewebsites.net 401 71 2147500037 686 821 15

I believe this is a problem because I have notice "cold starts" now and then and I believe this is because the Always On request receives a 401.

The App Service has Azure Active Directory authentication / authorization integration enabled, however I would expect that the Always On requests performed by the load balancer to bypass authentication.

Thank you,
Cosmin

azure-active-directoryazure-webapps-apis
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

After further investigation it seems that I can use WEBSITE_WARMUP_PATH = "/" and then authorization/authentication is bypassed to the root URL.

Interestingly enough, "/" should've been the default value, as per https://docs.microsoft.com/en-us/azure/app-service/reference-app-settings?tabs=kudu%2Cdotnet

1 Vote 1 ·

0 Answers