Re: Authenticate user and allow anonymous access

From: Joseph Geretz (jgeretz@nospam.com)
Date: 03/16/03

  • Next message: Joseph E Shook: "Re: Authenticate user and allow anonymous access"
    From: "Joseph Geretz" <jgeretz@nospam.com>
    Date: Sat, 15 Mar 2003 20:40:12 -0500
    
    

    Hi Joseph,

    > Just turn on Basic Auth and Integrated. Turn off Anonymous and create a
    > generic username and password for users that do not have domain accounts.
    > This would be a domain account but a restriced domain account with out
    logon
    > local types of permissions.

    How will this work? As Stefan said above, some users are coming in without
    credentials and he doesn't want them to be challenged, he'd like them to
    succeed as Anonymous. With what you have suggested, Anonymous users will be
    challenged for credentials since you have disabled Anonymous.

    Or am I missing something?

    Thanks,

    Joseph Geretz

    >
    >
    > "Joseph Geretz" <jgeretz@nospam.com> wrote in message
    > news:#LPyGTJ6CHA.1040@TK2MSFTNGP10.phx.gbl...
    > > Hi Stefan,
    > >
    > > > This will not work, simply because when checking both Windows
    > > > Integrated Authentication and Anonymous Access, IIS will default to
    > > > the lowest and never begin a challenge of the user, causing the
    > > > credentials to never be passed on to the application.
    > >
    > > I thought this might be the case. Oh well...
    > >
    > > > Anyone that has an idea/hack/whatever on how to do this, please let me
    > > > know.
    > >
    > > Here's a hack: IIS allows you to replace specific error pages with your
    > own
    > > page. Set up two virtual directories into your site; Anon & Auth. Anon
    > > allows anonymous access, Auth disallows anonymous. By default, users
    come
    > in
    > > on Auth. If they have credentials, they are in. All url's on the site
    > should
    > > be relative, so as they continue to browse they kep coming in through
    the
    > > Auth virtual directory.
    > >
    > > If they do not have credentials, that will fire an IIS error (505 I
    > think?).
    > > Remap your IIS 505 (or whatever) error to a page which simply redirects
    > > anonymous users to the Anon virtual directory. Again, since all url's on
    > the
    > > site are relative, as they continue to browse they kep coming in through
    > the
    > > Anon virtual directory.
    > >
    > > Not bullet-proof. Network users, can explicitly 'jump' over to Anon of
    > they
    > > want. But if user's 'play by the rules' that is they use the links
    > supplied
    > > by the application, rather than using the browser url bar, this might
    work
    > > for you.
    > >
    > > Like I said, it's a hack.
    > >
    > > Hope this helps,
    > >
    > > Joseph Geretz
    > >
    > >
    >
    >


  • Next message: Joseph E Shook: "Re: Authenticate user and allow anonymous access"