RE: SSL forces Windows Authentication?!?

From: Mike LeBlanc (mike_leblanc_at_stuller.com)
Date: 07/31/03 

Date: Thu, 31 Jul 2003 06:48:48 -0700

Thanks for the reply.

This is running on Windows 2000 Advanced Server SP 3
(5.00.2195).

I tried to get the Permissions Verifier tool you mentioned
in your first post but the web site said the download was
unavailable.

Windows Integrated Authentication is selected for the sub-
directory and the Everyone group has full control in the
ACL (the _Web Anonymous Users and _Web Applications users
are denied write access).

However, I have made a new discovery. The Challenge-
Response box only pops up when I configure my ASP.NET
application (v1.1) to use https for authentication.
Like so:
                <authentication mode="Forms">
                        <forms name=".kb_admin"
loginUrl="https://servername/parent/sub/login.aspx"
path="/">
                        </forms>
                </authentication>

If I change it to loginURL="/parent/sub/login.aspx" and
then manually change the url to use https when .NET
redirects me to the login page, the page comes up without
the dialog box.

The crazy thing is I use https in the loginURL in several
other applications just fine. Could this some kind of
weird issue with ASP.NET?

Thanks,
Mike

>-----Original Message-----
>Hi Mike,
>
>I'd suggest you check the property of the sub-directory.
Please go to
>Directory Security tab page, then press into
Authentication and Access
>Control to check the Authentication Method. By default,
the Windows
>Integrated Authentication will be selected.
>
>If the item is selected, I think you'd better check the
directory's
>security property. You should check whether the IIS_WPG
local group has
>been added to the ACL. If not, please add it. If your
server is a DC, you
>should also add the "NT Authority\Network Service"
account into the
>directory ACL.
>
>If the above give no help, please tell me the detailed
information about
>your directory security property and all the related
information, such as
>OS etc. Then we can do more troubleshooting.
>
>Does this answer your question? Thank you for using
Microsoft NewsGroup!
>
>Wei-Dong Xu
>Microsoft Product Support Services
>Get Secure! - www.microsoft.com/security
>This posting is provided "AS IS" with no warranties, and
confers no rights.
>
>.
>

Relevant Pages

  • NTFS permissions failed on BDC setup
    ... The problem is that we have configured our Web Server ... domain set as "dgbr.org".The 'Anonymous Authentication' ... Windows 2000 Advanced Server Machine. ...
    (microsoft.public.security)
  • pass through authentication
    ... file server called \\fileserver windows 2000 advanced server ... I have tried just about every possible setting for authentication to work. ...
    (microsoft.public.inetserver.iis.security)
  • RE: Intranet access
    ... Subject: Intranet access ... If you still get prompted after changing it to Windows NT ... Authentication then try my original suggestion of changing the IE security ... for "Directory Security", a button at the top reads "Edit..." ...
    (Focus-Microsoft)
  • Re: Change in ASP.Net authentication between Win2000 and Win2003
    ... > is turning on/off Kerberos is occuring. ... It control how IE deals with "Authentication: ... when you put IIS6 in a domain and have "Integrated Windows Authentication" ...
    (microsoft.public.windows.server.security)
  • Re: Change in ASP.Net authentication between Win2000 and Win2003
    ... > is turning on/off Kerberos is occuring. ... It control how IE deals with "Authentication: ... when you put IIS6 in a domain and have "Integrated Windows Authentication" ...
    (microsoft.public.inetserver.iis.security)