Re: 401 error requires browser restart for unrestricted pages
From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 11/18/03
- Next message: Jeff Cochran: "How To Disable WebDAV in IIS5"
- Previous message: Karl Levinson [x y] mvp: "** READ THIS BEFORE POSTING - answers to frequently asked questions 2003.11.18"
- In reply to: Dale Sundstrom: "Re: 401 error requires browser restart for unrestricted pages"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 18 Nov 2003 04:16:49 -0800
This is a 401.1 problem (failure to logon network user), so a NetMon network
trace along with authentication configured for the URLs involved (including
the anonymous user and password that is configured for the URL) would be
helpful. That way, we know what authenticated user is trying to make a
request, and we can see IIS's response, and together with IIS configuration,
should narrow down WHAT user is being denied logon.
Here is one possible scenario that can result in your situation:
1. Anonymous username/password is out of sync between IIS and Windows SAM
DB, so anonymous access always returns 401.1
2. Since you have other authentication enabled (like Challenge/Response),
users that IE remembered to successfully auto-login would succeed in
accessing content as that user -- and not as anonymous.
3. Meanwhile, if the user failed to auto-login and IE doesn't retry (until
it is restarted), it'll always make anonymous requests, and since due to the
anonymous username/password being out of sync, always results in 401.1
-- //David IIS This posting is provided "AS IS" with no warranties, and confers no rights. // "Dale Sundstrom" <dalesundstrom@hotmail.com> wrote in message news:5cb601c3ad36$d3ff9ed0$a601280a@phx.gbl... There is no authentication on http://website. It allows Anonymous access. --Dale >-----Original Message----- >Get a NetMon network trace of the issue -- it is the fastest way to resolve >this issue. > >If you're just using Challenge/Response, I think the issue is with IE since >the browser is responsible for performing the necessary automatic logon. > >What authentication is enabled on http://website ? > >-- >//David >IIS >This posting is provided "AS IS" with no warranties, and confers no rights. >// >"Dale Sundstrom" <dalesundstrom@hotmail.com> wrote in message >news:048f01c3ab02$76835a70$a301280a@phx.gbl... >After failing to logon to a restricted directory of a >website (http://website/restricted), IE will continue to >prompt for a login for unrestricted pages such as the >website's home page (http://website) until IE is restarted. > >For example, visiting a website's homepage >(http://website) and clicking a link to a restricted >directory (http://website/restricted) will cause IE to >prompt for a User Name and Password. If this >authentication fails, the server will return a "401.1 >Unauthorized: Login Failed" error. After receiving this >error, IE continues to try authenticating the user for any >unrestricted pages on the same website, so the user cannot >return to the unrestricted home page of the site (without >logging on) until restarting IE. > >This occurs using IIS on NT4 with Challenge/Response >authentication on the restricted directory, and with IE6 >as the browser. > >What causes this behavior? Is this actually caused by >IIS or IE? How can this behavior be avoided? > >Any help would be greatly appreciated! > >Thanks, --Dale > > >. >
- Next message: Jeff Cochran: "How To Disable WebDAV in IIS5"
- Previous message: Karl Levinson [x y] mvp: "** READ THIS BEFORE POSTING - answers to frequently asked questions 2003.11.18"
- In reply to: Dale Sundstrom: "Re: 401 error requires browser restart for unrestricted pages"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
