Re: Not authorized to view page IIS5

From: Brad (lane_at_newsgroup.nospam)
Date: 07/19/05 

Date: Mon, 18 Jul 2005 15:37:47 -0700

If it is an internet size then basically, you can't do that. A users
credentials are not passed to the server until the client attempts to access
a folder/file which is secured. It is the client, not the server, that
prompts for the login....if the browser does not yet have a credential to
pass to the server...and typically is does not: server challenges to client
to pass the security and client browser responds with the credentals it has
available or prompts for them if it does not have them. This is true
whether you use is nt, digest or basic security.
If it's an intranet site, and you are always using IE, and you used NT
authenticaiton instead of Basic, automatic login is enabled for the
intranet zone but the client can still be prompted for username and password
if the initial attempt does not match.

Brad

"Dave T" <Dave T@discussions.microsoft.com> wrote in message
news:8B2FAB44-9435-4E52-BBE2-83A40DBFF773@microsoft.com...
Hello,
 I am running IIS5 and have restricted access to a folder that is on our web
site. I am trying to set this up so that when someone tries to view a page
that is in a folder they do not have access to they get a you are not
authorized to view this page...instead they are prompted for user name and
password..which does not work cause I am doing basic security/permissions on
the folder by network name and active directory. how can I trigger the you
are not authorized to view this page rather than prompting for a user name
and password?
 thanks dtremblay123@hotmail.com

Relevant Pages

  • Reuse of Remoting Channels...
    ... makes it possible for the server to know the identity of the caller. ... If my client is on the other side of a Windows 'realm' (as in the ... RemotingConfiguration options) to reject any clients whose credentials ... "Remoting server cannot be reached. ...
    (microsoft.public.dotnet.framework.remoting)
  • Re: SSPI Kerberos for delegation
    ... We want the authentication to happen without providing credentials ... But SSPI while authenticating from the client to the server can do mutual ...
    (comp.protocols.kerberos)
  • Re: rpc over http problem
    ... I do get prompted for credentials after the server certificate prompts ... :> Exchange Server Settings ...
    (microsoft.public.exchange.admin)
  • Re: Authentication woes
    ... I can not really understand how the client should connect to the DC when they are at work with the 192.x.x.x ip when the server is in 10.x.x.x network. ... If i read the output for the client it is member of domainb.internal and not member of domain.com like the DC, ... If the user logon with cached credentials, ...
    (microsoft.public.windows.server.active_directory)
  • Re: five bogus credential prompts when accessing sbs 2003 server via w
    ... microsoft window server 2003 sp2 ... escape key to bypass prompt. ... not prompt for credentials before I click on the remote web workplace link? ... I assume it is not a client problem since it happens from different browsers ...
    (microsoft.public.inetserver.iis.security)