Re: HELP PLEASE The request failed with HTTP status 401: Access Denied.
From: nu-k-ar (nospam@plz.com)
Date: 11/27/02
- Next message: nu-k-ar: "Re: HELP PLEASE The request failed with HTTP status 401: Access Denied."
- Previous message: Alex Muntean: "WebControls error in an application running under an impersonate identity"
- In reply to: Larry Hastings: "Re: HELP PLEASE The request failed with HTTP status 401: Access Denied."
- Next in thread: nu-k-ar: "Re: HELP PLEASE The request failed with HTTP status 401: Access Denied."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "nu-k-ar" <nospam@plz.com> Date: Wed, 27 Nov 2002 08:56:22 +0100
what i can say is that when u have guid , with the browser, this is the guid
u received when loggin to the domain controller, @ startup.the ie capable of
getting your guid somewhere from the sub-sys..
so if u connect to a web-server ur login gets delegated ...
except that the guid looks like a null session, so maybe u're runnig under
anonymous, the anonymous never gets away if u decheck the iisUser box in the
snap.in it's still there.
some hint's
are u shure u have turned impersonation on in the web-config file ?
u have set the accsses permission on the web. ii's admin , web -> right ->
Permission's (.net server)
i mostly worked now with integrated and certificates, so never really used
digest/clear from clientside, ( sec issues)
the user on the server is in the domain , is it locally
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q248187
an old article bout impersonation ( i think the impersonate tag in the
web.config shoud do this)
maybe someone from MS could explain...
//eot
"Larry Hastings" <greg.NOSPAM.@NOSPAM.unixsucks.com> wrote in message
news:uu7sbilkv7jsba@corp.supernews.com...
> Logon type if different for both events. One if local logon (logon 2) and
> second one network logon (logon 3).
> Check if that user can access file shares on that machine from remote
> location. Is there any other event messages about failed logon?
>
> --
>
> G
> http://www.unixsucks.com
> "John" <jonashbaugh@hotmail.com> wrote in message
> news:O40022XlCHA.1356@tkmsftngp04...
> > I have turned on all security auditing and this is what I have found.
When
> > trying to connect using the code I get this:
> > Logon Failure:
> >
> > Reason: Unknown user name or bad password
> >
> > User Name: USeRx
> >
> > Domain: VCNET
> >
> > Logon Type: 3
> >
> > Logon Process: IIS
> >
> > Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
> >
> > Workstation Name: WRK1
> >
> > When connecting to the site via a browser I get this:
> > Successful Logon:
> >
> > User Name: USeRx
> >
> > Domain: VCNET
> >
> > Logon ID: (0x0,0x5FC98)
> >
> > Logon Type: 2
> >
> > Logon Process: IIS
> >
> > Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
> >
> > Workstation Name: WRK1
> >
> > Logon GUID: {00000000-0000-0000-0000-000000000000}
> >
> >
> > Is there a security policy I am not setting up correctly?
> >
> >
> > "nu-k-ar" <nospam@plz.com> wrote in message
> > news:ejxB5fWlCHA.2240@tkmsftngp04...
> > > 1.) turn on all your security policy logging
> > >
> > > 2.) check if u have an real login (means kerberos token)
> > > 3.) if u go to an remote sql-server (integrated sec), mark u're
> > web-service
> > > server "for delegation" in the AD
> > > http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q283201
> > >
> > > 4.) disable integrated sec on the web-server cause integrated is
> stronger
> > > than basic
> > >
> > > 5.) if u go with integrated then u deliver a kerberos token
> > >
> > > isent it NetWorkCredential.getGredential(URI)
> > > cred.user
> > > cred.pass
> > > cred.realm
> > >
> > > check your security logs...
> > >
> > > blaaa....
> > >
> > > .::[nu-k-ar]::
> > >
> > >
> > > "John" <jonashbaugh@hotmail.com> wrote in message
> > > news:#2ltUjVlCHA.2036@tkmsftngp07...
> > > > We have basic authentication on through IIS. We are running a win xp
> pro
> > > > server. When trying to access the site via a browser I get the login
> and
> > > > password page. I put in the valid login and password and I am able
to
> > > access
> > > > the site. However through our code we cannot access the site
> > > automatically.
> > > > I am missing something? Thanks in advance. This site is accessible
via
> > the
> > > > internet.
> > > >
> > > > Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As
> > > > System.Web.UI.ImageClickEventArgs) Handles btnLogin.Click
> > > >
> > > > Dim Service As New localhost.ABCService()
> > > >
> > > > Dim credentials As System.Net.NetworkCredential = New
> > > > System.Net.NetworkCredential("USeR", "xxxxxx")
> > > >
> > > > Service.Credentials = credentials
> > > >
> > > > Dim Info As String = Service.Login(LCase(txtUser.Text),
> > > > LCase(txtPassword.Text), LCase(txtCompany.Text))
> > > >
> > > > Dim str As String
> > > >
> > > > If Info = "Error" Then
> > > >
> > > > Response.Redirect("login_err.aspx")
> > > >
> > > > End IF
> > > >
> > > > End Sub
> > > >
> > > >
> > >
> > >
> >
> >
>
>
- Next message: nu-k-ar: "Re: HELP PLEASE The request failed with HTTP status 401: Access Denied."
- Previous message: Alex Muntean: "WebControls error in an application running under an impersonate identity"
- In reply to: Larry Hastings: "Re: HELP PLEASE The request failed with HTTP status 401: Access Denied."
- Next in thread: nu-k-ar: "Re: HELP PLEASE The request failed with HTTP status 401: Access Denied."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
