Re: 401 - Error from WebServer

From: Chris (chrisadonline@microsoft.com)
Date: 10/09/02


From: chrisadonline@microsoft.com ("Chris")
Date: Wed, 09 Oct 2002 20:10:27 GMT


Hey..
 
This is normal if you have anonymous authentication disabled and are using
Basic and\or NTLM. The authentication handshake assumes anonymous first
(no matter the setting) and the browser depends on IIS to respond with the
correct WWW-Authenticate header.

If anonymous is disabled, IIS will send in the header the correct methods
to use like Basic, Negotiate (for Kerberos), or NTLM for NTLM. With that
said, you should always see a 401.1 Login Failed in your logs for any
content that is not using anonymous and then a subsequent authenticated log
entry with the username. This is all by design.

Here is the article that discusses this...

Q264921 INFO: How IIS Authenticates Browser Clients
http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q264921

HTH,

~Chris
Microsoft IIS Technical Lead

“Please do not send email directly to this alias. This is our online
account name for newsgroup participation only.”

This posting is provided “AS IS” with no warranties, and confers no rights.
You assume all risk for your use. © 2001 Microsoft Corporation. All rights
reserved