Re: BASIC authentication Issues with IE - Part II - Solved but WHY?

From: hector (nospam_at_nospam.com)
Date: 03/27/04


Date: Sat, 27 Mar 2004 00:57:37 -0500


"Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message
news:eW33$%235EEHA.3064@tk2msftngp13.phx.gbl...
> Hi,
>
> OK, now's where things get a bit interesting. I tried doing what I think
> you're doing:
> a) create a page on myserver.com (page1.asp) which requires Basic
> authentication.
> b) create some links on the page - one link points to page2.asp on the
> same server. Page2.asp also requires Basic Authentication
> c) Go to page1.asp, enter username/password, get access to page1.asp
> d) Click on the link to page2.asp, but choose "Open in New Window". IE
> automatically sends credentials, and I'm given access.
> e) Now, I close the second window, and return to my first window. I click
> the link to page2.asp again (but without choosing "open in new window").
> IE sends my credentials, and I'm logged in fine.

In step c, how do you "Goto Page1.asp"?

Do this by creating a simple Default Home Page with a link to this page1.asp.

If you type the url on the IE address bar, you will not see the problem.

> Now, you seem certain that this is a bug. I would call Microsoft PSS
> (Product Support Services), and open a call to debug the issue. Certainly
> it's not a common problem (otherwise lots of people would be having
> problems with Basic Authentication), and it doesn't manifest itself on my
> copy of IE, nor any other copy of IE that I've had before. If there is a
> bug in IE that you are using, then you will not have to pay - it'll be
> fixed for free by Microsoft.

Ken, this has been a long-time issue. I've been down this route before,
including calling them on the matter and/or a related issue where you are not
losing credentials but they were cached and used again automatically in the
Explorer "Previewing" logic. Like I said, this has been an issue for a long
time and I am not the only one. And you know perfectly well, Microsoft
will be mum on the subject closely related with security. I am just trying
to figure it out once and for all. I'm not a USER, well yeah of course I
am, I am a user of my own creation as well as hundreds of thousands of
users/customers. So we have to satisfy their reports too. But like I
said, for this particular "loss of authentication", I was one of the few
within our own product reporting it and now I find out "how" it happens.

I am going to try one more thing and that is to put the URL in the Favorites
links instead. I can't do it now until I close Outlook and all Microsoft
software that has the IE logic integrated with the INETINFO.EXE credential
caching. PS: Do a search for this and you will see how it's all related,
and how there is a difference with XP vs. others, how Microsoft solved the URL
shortcut automatic authentication security hole in XP but not others for
some "legacy reason." Yes, incoherent and all very inconsistent, which is
what I am trying to get all straight once and for all.

-- 
Hector Santos, Santronics Software, Inc.
http://www.santronics.com

