Anonymous and NTLM
rgmullen_at_gmail.com
Date: 06/14/05
- Next message: Bernard Cheah [MVP]: "Re: 401.3 on IIS after SP1"
- Previous message: M.Siler: "401.3 on IIS after SP1"
- Next in thread: Bernard Cheah [MVP]: "Re: Anonymous and NTLM"
- Reply: Bernard Cheah [MVP]: "Re: Anonymous and NTLM"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 13 Jun 2005 15:21:56 -0700
I have a customer requirement where they would like to alllow certain
users to use NTLM as they enter our secure site while others would
login through a web form. The desired action would be to check the
interactive user's credentials upon entry to the site then compare it
to an ACL we have. If they are not in this list they would be
redirected to the web form login.
It appears to me that enabling both Anonymous and NTLM is IIS will use
the lowest credentials needed to complete a given resource request. IT
would seem that the goal of this requirement could be met by denying
access to the initial page to IUSR_<servername> account and then
redirecting in ASP code on failure but this would seem to be less than
ellegant at best.
Can anyone offer a suggestion as to how the initial resource can be
left unsecured yet have the server challenge for credentials anyway?
- Next message: Bernard Cheah [MVP]: "Re: 401.3 on IIS after SP1"
- Previous message: M.Siler: "401.3 on IIS after SP1"
- Next in thread: Bernard Cheah [MVP]: "Re: Anonymous and NTLM"
- Reply: Bernard Cheah [MVP]: "Re: Anonymous and NTLM"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
