Re: Kerberos/NTLM Authentication Problem

From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 10/07/03 

Date: Mon, 6 Oct 2003 22:22:37 -0700

Glad to hear that the problem is resolved. 

-- 
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Nigel Rowe" <nigel.rowe@lycos.co.uk> wrote in message
news:e%23tTdn$iDHA.2616@TK2MSFTNGP10.phx.gbl...
Hi David,
Update; this technet article has fixed the problem ! It seems to apply to IE
5.5SP2 as well ! Many thanks for you help on this one, it has been a problem
for over a  month.
Regards,
Nigel
"David Wang [Msft]" <someone@online.microsoft.com> wrote in message
news:%23I923KkiDHA.1456@TK2MSFTNGP11.phx.gbl...
> Could the error you're seeing be due to the fact that your web pages is
> expecting a non-zero length entity body for the POST , and due to
> http://support.microsoft.com/default.aspx?scid=kb;en-us;251404  , it is
> seeing a zero-length entity body??  The web page then breaks and goes down
> an error path and returns 500.
>
> 251404 frequently show up on a website which has web pages that are
> non-uniformly authenticated (i.e. some anonymous, others NTLM, etc).
Cause
> of non-uniform authentication is usually some form of custom
authentication.
>
> You can test this out by enabling "Integrated Authentication" for the vdir
> containing the POST'd web page and seeing if things start working.
>
> I do not understand what you are saying in reference to the IWAM user.
You
> cannot "enable IWAM" on browser because IWAM user is a server-side
identity
> and has nothing to do with Kerberos/NTLM.
>
> -- 
> //David
> IIS
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> //
> "Nigel Rowe" <nigel.rowe@lycos.co.uk> wrote in message
> news:%23utXJjZiDHA.1952@TK2MSFTNGP10.phx.gbl...
> We're definitely going down the JSP route... I've found the log viewer on
> the Macromedia JRUN adm console which display a slightly more useful
error -
> java.lang.NullPointerException - which my developers tell me that the POST
> is failing... but strangely enough, GET requests work just fine. Now if
only
> I knew the difference between POST and GET...
> "Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
> news:blhrd6$iq120@kcweb01.netnews.att.com...
> > I'm not a JSP person, but my hunch is that the anonymous user account
does
> > not have the necessary permissions for JSP to run properly (if it does
> work
> > when they authenticate).
> >
> > "Nigel Rowe" <nigel.rowe@lycos.co.uk> wrote in message
> > news:OW%23VbwPiDHA.2608@tk2msftngp13.phx.gbl...
> > > Okey dokey, I've done the steps on ASPFAQ and the detailed error
message
> I
> > > get is..."500 null". Is this the sort of error message I'm looking for
?
> > > Sorry if this is a dumb question, but I've got the usual 'contractor
> left
> > > with no documentation/live server broken' scenario.
> > > "Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
> > > news:blhg55$ish20@kcweb01.netnews.att.com...
> > > > I don't know - but once we find out what the real error is (not just
a
> > > > generic 500) we can probably figure it out ...
> > > >
> > > > "Nigel Rowe" <nigel.rowe@lycos.co.uk> wrote in message
> > > > news:ucZMyiPiDHA.3204@TK2MSFTNGP11.phx.gbl...
> > > > > Tom,
> > > > >
> > > > > Many thanks for your thoughts. One thing I should of course have
> > > mentioned
> > > > > is that other test ASP and JSP pages work fine. These are located
in
> > the
> > > > > same physical subdirectory on the server. ASP itself seems to be
> > working
> > > > > fine. One question; if IWAM is not related, why does enabling it
> make
> > > the
> > > > > page work ?
> > > > >
> > > > > Thanks once again.
> > > > > "Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in
message
> > > > > news:blh53u$ish18@kcweb01.netnews.att.com...
> > > > > > "Nigel Rowe" <nigel.rowe@lycos.co.uk> wrote in message
> > > > > > news:eJw$tbNiDHA.1796@TK2MSFTNGP10.phx.gbl...
> > > > > > > Hi there,
> > > > > > >
> > > > > > > I have a problem which seems to be the exact opposite of other
> > > > Kerberos
> > > > > > > authentication problems I have read! I have an internal IIS
5.0
> > W2K
> > > > SP4
> > > > > > > server which is running a web site that ran just fine on IIS
4.0
> > and
> > > > > > NT4.0.
> > > > > > > Basically I can only get clients to successfully retrieve
> > > information
> > > > > from
> > > > > > a
> > > > > > > .JSP search page if they are running on W2K with IE6 and the
> > 'Enable
> > > > > > > Integrated Windows Authentication' check box selected. The
error
> I
> > > get
> > > > > > seems
> > > > > > > to be on the POST , I just get a return error of 500.
> > > > > >
> > > > > > Let's start here and forget about the rest of the stuff (IWAM
> > > shouldn't
> > > > > have
> > > > > > anything to do with client authentication).
> > > > > >
> > > > > > http://www.aspfaq.com/show.asp?id=2109
> > > > > > http://support.microsoft.com/?id=311766
> > > > > > http://support.microsoft.com/?id=309051
> > > > > >
> > > > > > -- 
> > > > > > Tom Kaminski IIS MVP
> > > > > > http://www.iistoolshed.com/ - tools, scripts, and utilities for
> > > running
> > > > > IIS
> > > > > > http://mvp.support.microsoft.com/
> > > > > >
http://www.microsoft.com/windowsserver2003/community/centers/iis/
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>
>

Relevant Pages