Re: Integrated Windows Authentication

From: BB (Bernard_at_3exp.com)
Date: 04/09/03


From: "BB" <Bernard_at_3exp.com>
Date: Wed, 9 Apr 2003 15:17:04 +0800


Of coz. if you have proxy in between. NTLM won't work.
Normally we do Basic Auth + SSL

-- 
Regards,
Bernard Cheah
http://support.microsoft.com/
"bimosekin" <bimosekin@hotmail.com> wrote in message
news:047101c2fe63$6d200e70$a401280a@phx.gbl...
> It does not work in my case, I guess this might have to
> do with the browser being configured with proxy-server.
>
> If I then have to use "Basic Authentication", how can I
> proted username and password" from potential sniffers.
>
>
> >-----Original Message-----
> >Check you IE settings.
> >Option - Security - based on the zone,
> >click on customer level, scroll down to the bottom,
> >select 'prompt for username and password'.
> >
> >
> >
> >-- 
> >Regards,
> >Bernard Cheah
> >http://support.microsoft.com/
> >
> >
> >"bimosekin" <bimosekin@hotmail.com> wrote in message
> >news:065201c2fe06$97715100$2f01280a@phx.gbl...
> >> We have a subdirectory within a website on IIS 5.0, on
> >> which users are to login with their username and
> password
> >> before accessing it.
> >>
> >> The Webserver is place in DMZ and not part of the
> domain.
> >> Local accounts are also created on the server with
> >> required NTFS permission on the subdirectory.  On the
> IIS
> >> level, the directory is enabled only with "Integrated
> >> Windows Authentication".
> >>
> >> However the user get "not authorized message" whenever
> >> they try to login through their WindowsXP clients
> wuthin
> >> the domain.  No login paged is displayed for them to be
> >> able to enter their credentials. But I do get a login
> page
> >> when I tried accessing the subdirectory from external
> >> connection on W2K client.
> >>
> >> The only way I get the login page within the domain is
> if
> >> I enabled "Basic Authentication", but I do not wish to
> >> leave this enable due to security reason.
> >>
> >> Any help?
> >
> >
> >.
> >