Re: client gets always every first time for every page a 401

• Previous message: Stephen L Nicoud: "Re: Integrated Windows Authentication"
• In reply to: megloff: "client gets always every first time for every page a 401"
• Next in thread: megloff: "Re: client gets always every first time for every page a 401"
• Reply: megloff: "Re: client gets always every first time for every page a 401"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 28 May 2003 12:26:18 +0800

This is normal, cause the browse will always try anonymous access first.

Read
INFO: How IIS Authenticates Browser Clients
http://support.microsoft.com/?id=264921

-- 
Regards,
Bernard Cheah
http://support.microsoft.com/
"megloff" <joes@bluewîn.ch> wrote in message
news:uCvlmpGJDHA.3272@tk2msftngp13.phx.gbl...
> Hello there
>
> I have an issue with the basic authentication from IIS. I working with
> IIS 4.0 on WinNT 4 Server SP3. My WebSite instance in the IIS has the
> basic authentication activated.
>
> When I try now to access with a new Browser Instance to my Website, I
> get for every first page the first time an 401.
> I think there is something wrong configurated, because I expect that it
> is only necessary to authenticate to my root of the website and not for
> each page or request on my site.
> Is this correct? Or is this normal that my Browser has to authenticate
> for every request ?
>
> Here an example sequence to make it more understandable:
>
> 1.[Browser] Get /myRoot/myFolder/MyDoc.html
> 2.[Server]  401 (Basic Realm)
> 3.[Browser] Get /myRoot/myFolder/MyDoc.html Basic:xxxxxxx
> 4.[Server]  200 Ok
> 5.[Browser] Get /myRoot/myFolder/mySubFolder
> 6.[Server]  401 (Basic Realm)
> 7.[Browser] Get /myRoot/myFolder/mySubFolder Basic:xxxxxx
> 8.[Server]  200 Ok
> ... // If I am accessing the same page the second time it works
>
> x.[Browser] Get /myRoot/myFolder/mySubFolder Basic:xxxxxx
> xi.[Server] 200 Ok
>
> Why does my Browser in case 5 not submit the Basic Authorization String
> automatically? So the Browser should know that he can use the same
> credentials as used in 3, because they have the same root. Is this
> because a header is missing from the IIS?
>
> I attached You also some lines from the IIS logs which makes it more
> understandable as my pretty created sequence above:
>
> 2003-05-26 15:58:32 166.11.47.199 -
> /banking_content_management/common/login_action/0,,,00.html 302 217 1922
> 2003-05-26 15:58:32 166.11.47.199 -
> /csam_content_management/csam_content_management_home 401 797 16
> 2003-05-26 15:58:32 166.11.47.199 szrh91604\logicacma
> /csam_content_management/csam_content_management_home/ 302 402 0
> 2003-05-26 15:58:32 166.11.47.199 szrh91604\logicacma
> /csam_content_management/csam_content_management_home/0,,,00.html 200
> 16943 16
> 2003-05-26 15:58:32 166.11.47.199 szrh91604\logicacma
> /banking_content_management/common/images/csam.gif 200 1746 31
> 2003-05-26 15:58:32 166.11.47.199 szrh91604\logicacma
> /banking_content_management/common/images/provider.gif 304 141 16
>
> Thank for you any comments if this is a normal behaviour or if we can
> achieve this.
>
> Thank you regards
> Mark
>
>
>
> *** Sent via Developersdex http://www.developersdex.com ***
> Don't just participate in USENET...get rewarded for it!

• Previous message: Stephen L Nicoud: "Re: Integrated Windows Authentication"
• In reply to: megloff: "client gets always every first time for every page a 401"
• Next in thread: megloff: "Re: client gets always every first time for every page a 401"
• Reply: megloff: "Re: client gets always every first time for every page a 401"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]