Re: Integrated Windows Authentication
From: BB (Bernard_at_3exp.com)
From: "BB" <Bernard_at_3exp.com> Date: Wed, 9 Apr 2003 15:17:04 +0800
Of coz. if you have proxy in between. NTLM won't work.
Normally we do Basic Auth + SSL
-- Regards, Bernard Cheah http://support.microsoft.com/ "bimosekin" <email@example.com> wrote in message news:firstname.lastname@example.org... > It does not work in my case, I guess this might have to > do with the browser being configured with proxy-server. > > If I then have to use "Basic Authentication", how can I > proted username and password" from potential sniffers. > > > >-----Original Message----- > >Check you IE settings. > >Option - Security - based on the zone, > >click on customer level, scroll down to the bottom, > >select 'prompt for username and password'. > > > > > > > >-- > >Regards, > >Bernard Cheah > >http://support.microsoft.com/ > > > > > >"bimosekin" <email@example.com> wrote in message > >news:firstname.lastname@example.org... > >> We have a subdirectory within a website on IIS 5.0, on > >> which users are to login with their username and > password > >> before accessing it. > >> > >> The Webserver is place in DMZ and not part of the > domain. > >> Local accounts are also created on the server with > >> required NTFS permission on the subdirectory. On the > IIS > >> level, the directory is enabled only with "Integrated > >> Windows Authentication". > >> > >> However the user get "not authorized message" whenever > >> they try to login through their WindowsXP clients > wuthin > >> the domain. No login paged is displayed for them to be > >> able to enter their credentials. But I do get a login > page > >> when I tried accessing the subdirectory from external > >> connection on W2K client. > >> > >> The only way I get the login page within the domain is > if > >> I enabled "Basic Authentication", but I do not wish to > >> leave this enable due to security reason. > >> > >> Any help? > > > > > >. > >