Re: "Hidden" HTTP 401 Errors

From: Miha Pihler (mihap-news_at_atlantis.si)
Date: 10/24/04


Date: Sun, 24 Oct 2004 17:22:58 +0200

Eric,

How is your session timeout set?

I am not sure if this will help, but if you can, try to change the values
and see what happens.

Here is an example how to change the values.
http://support.microsoft.com/kb/233477/EN-US/

On IIS6 default timeout is 20 minutes.

Mike

"Eric Kassan" <mail@EricKassan.net> wrote in message
news:uCMIgcVuEHA.2820@TK2MSFTNGP15.phx.gbl...
> As I mentioned in my original question, I can understand this for the
first
> request to a session, but I am seeing this happen many times throughout a
> session. A couple examples:
>
> 1. A page is requested with security credentials, later the same second
the
> browser requests an image referenced in the page without credentials
> (first). Failure triggers the request to be resent with credentials so
the
> user sees the site "working".
>
> 2. Eight minutes later, the user clicks a link referencing another page
on
> the same site. The request comes in (first) without credentials.
>
> I looked at:
>
> INFO: How IIS Authenticates Browser Clients
> http://support.microsoft.com/default.aspx?scid=kb;en-us;264921
> "When Internet Explorer has established a connection with the server by
> using an authentication method other than Anonymous, it automatically
passes
> the credentials for every new request during the duration of the session."
>
> So this shouldn't happen. The clients involved are IE 6.0. What am I
> missing?
>
> Thanks.
>
>