Re: Internet Security

From: Walter Roberson (roberson_at_ibd.nrc-cnrc.gc.ca)
Date: 10/09/03 

Date: 9 Oct 2003 01:01:34 GMT

In article <90ccdce5.0310081616.285b209e@posting.google.com>,
ARenko <a_renko@pacbell.net> wrote:
:We have a company web site, in which our clients can access their
:accounts by logging into our network through the normal network
:authentication login prompt. My problem, and bare with me, as I have
:become the IT department by default, is that we have one client, that
:when they go to the login page on the web site, does not receive the
:login prompt.

What is "the normal network authentication login prompt" ?

:Anyone have any idea what might cause this? I know the
:account works, as we have tested it from off site, so I assume it is a
:configuration problem either with IE on their end, or something on
:their firewall? Any help would be appreciated!

If by "network authentication login prompt" you mean using
HTTP Basic Authentication,
http://www.w3.org/Protocols/HTTP/1.0/spec.html#BasicAA
which prompts standard browsers for a username and password,
then the problem could be that the customer's browser has those
credentials cached and is sending them automatically when they connect
to your pages.

If this is what is happening, the first thing I would suggest is
that you request that the customer run a spyware detection tool
such as SpyBot Search & Destroy, as the customer might have downloaded
one of those "helper" programs. Or I seem to remember that IE
has a facility to "remember my password"; I don't use IE often enough
to be sure of that [and I would have turned it off if I'd seen it.] 

-- 
millihamlet: the average coherency of prose created by a single monkey
typing randomly on a keyboard. Usenet postings may be rated in mHl.
   -- Walter Roberson

Relevant Pages

  • Re: User configuration question
    ... > I'm using AD user accounts as I'm not aware of another way of doing it. ... not recommend use of IIS on a DC - but in a single server SBS ... Deny local login and to Deny network login. ... >>> The web site is configured to use Windows authentication, ...
    (microsoft.public.windows.server.security)
  • Re: SP2 and OWA
    ... How would HTTPS vs. HTTP prevent the compromise of the F-E server? ... usually a lot fewer protections once inside the network. ... was close to 10,000 locked out accounts). ... using HTTPS to attack a web site would make ...
    (microsoft.public.exchange.admin)
  • Re: Missing FTP link
    ... and that you should change it to My Network Places. ... I tried to load it to the site but got the error msg "cannot connect to ... Protocol) web site through a fire wall/proxy server and the proxy ...
    (microsoft.public.publisher.webdesign)
  • Re: Script help
    ... Network administration is always a ... If these are, in fact, writing lab computers, and students have their files ... shared on a server somewhere on campus, then yes, individual accounts are ... >> need the script, just log on the account and add the printer, followed by ...
    (microsoft.public.windows.server.scripting)
  • Re: [opensuse] fstab: umount as user
    ... Network Operating System concepts.... ... accounts and their settings exist on the ... Secondly, one single mount point for all users is just bad, it won't work. ... If A is member of group 2 they can use resource VI when they log in... ...
    (SuSE)