Re: Network Credentials not passing in Authentication mode
From: Steve (steve.cimino_at_ticketmaster.com)
Date: 01/28/04
- Next message: Ali: "Security Expoit (FormsAuthentication.SignOut()) Does not Work"
- Previous message: Simon Green: "Re: Performance prolem when deploying"
- In reply to: Ken Schaefer: "Re: Network Credentials not passing in Authentication mode"
- Next in thread: Shriop: "Re: Network Credentials not passing in Authentication mode"
- Reply: Shriop: "Re: Network Credentials not passing in Authentication mode"
- Reply: Ken Schaefer: "Re: Network Credentials not passing in Authentication mode"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 28 Jan 2004 11:59:36 -0800
Thanks for both of your suggestions....
I've even tried this from an IE5 browser (since use windows auth is
default) to see if that would go through, but no joy. I've double
checked my IE6 SP1 settings and I do have send windows auth through.
What I get in the IIS logs (after both of your suggestions) is
17:43:23 127.0.0.1 GET /capex/user.aspx 401 4644 10
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;+.NET+CLR+1.1.4322;+.NET+CLR+1.0.3705)
-
17:43:23 127.0.0.1 GET /capex/user.aspx 401 4383 0
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;+.NET+CLR+1.1.4322;+.NET+CLR+1.0.3705)
-
17:43:23 127.0.0.1 GET /capex/user.aspx 401 4644 10
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;+.NET+CLR+1.1.4322;+.NET+CLR+1.0.3705)
-
Now the 401.4 is
Unauthorized: Authorization failed by a filter installed on the Web
server.
Thing is, it's my localhost webserver. Now I'd guess that the
"filter" it's referring to is the web.config log, no? I've even added
a location to the file... so now it looks like
<configuration>
<location path="CapEx">
<system.web>
<authentication mode="Windows" />
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
</configuration>
and have even tried <deny users="?">
An inspection of the system log file in Event Viewer says
Event Type: Success Audit
Event Source: Security
Event Category: System Event
Event ID: 515
Date: 1/28/2004
Time: 11:08:23 AM
User: NT AUTHORITY\SYSTEM
Computer: MYMACHINENAME
Description:
A trusted logon process has registered with the Local Security
Authority. This logon process will be trusted to submit logon
requests.
Logon Process Name: KSecDD
Does this information help any?
Thank you both for taking time to help me... it is much appreciated.
"Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message news:<OkuL$pU5DHA.1804@TK2MSFTNGP12.phx.gbl>...
> Hi,
>
> I would suggest that you enable Windows file-access-failure auditing on the
> file in question. Then, attempt to browse the page from your web-browser.
> You should see something logged in the event log indicating what user
> account the server thinks is being used to attempt to access the page, and
> then tweak your NTFS permissions appropriately.
>
> Also, be aware that NTLM doesn't work through most proxy servers, and
> Kerberos authentication doesn't work through most firewalls (those are the
> two Integrated Authentication options), so if you're browsing from an
> external site, keep that in mind.
>
> Cheers
> Ken
>
>
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> "Steve" <steve.cimino@ticketmaster.com> wrote in message
> news:b74b67c3.0401270644.13972f16@posting.google.com...
> : Hi Ken, thanks for the reply.
> :
> : No, I'm not using any basic authentication and prompting the user for
> : the name/password. I'm trying to grab what they've already logged
> : into the network with. This was a piece of cake in classic ASP, but
> : I'm still having difficulties getting this to work.
> :
> : I also have under IIS the directory listed as an application, not as a
> : virtual directory. Is there any other information I can provide you?
> :
> : Thanks --
> :
> :
> :
> : "Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message
> news:<#joLnWH5DHA.1592@TK2MSFTNGP10.phx.gbl>...
> : > Are you using a pop-up window in your browser asking you for a
> : > username/password?
> : >
> : > Cheers
> : > Ken
> : >
> : > "Steve" <steve.cimino@ticketmaster.com> wrote in message
> : > news:b74b67c3.0401260911.204e16ca@posting.google.com...
> : > : All --
> : > :
> : > : I've set up a directory where I simply want to know the person's name
> : > : when he comes into the directory. I've set up the following:
> : > :
> : > : * Uncheck allow anon in IIS
> : > : * Uncheck basic authentication
> : > : * Check 'Use windows authentication'
> : > :
> : > : My web.config file looks as follows:
> : > :
> : > : <configuration>
> : > : <system.web>
> : > : <authentication mode="Windows" />
> : > : <authorization>
> : > : <allow users="*" />
> : > : </authorization>
> : > :
> : > : </system.web>
> : > : </configuration>
> : > :
> : > :
> : > : However, I cannot get to the page -- there's no error being thrown.
> : > : It seems that it just ignores everything. Checking the IIS logs shows
> : > : that a 401 has been issued, but there's no message sent to the user.
> : > :
> : > : The physical folder has 'Everyone' with read permissions. All I want
> : > : is the user's DOMAIN\name sent to me so I can do something with it,
> : > : but it doesn't seem it's being passed.
> : > :
> : > : Any ideas?
- Next message: Ali: "Security Expoit (FormsAuthentication.SignOut()) Does not Work"
- Previous message: Simon Green: "Re: Performance prolem when deploying"
- In reply to: Ken Schaefer: "Re: Network Credentials not passing in Authentication mode"
- Next in thread: Shriop: "Re: Network Credentials not passing in Authentication mode"
- Reply: Shriop: "Re: Network Credentials not passing in Authentication mode"
- Reply: Ken Schaefer: "Re: Network Credentials not passing in Authentication mode"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
