Re: IIS continually prompting users for their password
From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 10/04/05
- Next message: David Wang [Msft]: "Re: File System Object Lockdown...possible?"
- Previous message: Scott: "Re: Freeware ssl-ftp client wrapper available"
- Maybe in reply to: David Wang [Msft]: "Re: IIS continually prompting users for their password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 3 Oct 2005 17:41:55 -0700
> The user clicks on a link to a resource and is
> prompted for their username and password, this is accepted
It sounds like Basic Authentication was enforced for the URL that the user
first clicks
> and they are shown a menu of resources to choose.
> They click on one of the links and a login box
> appears again. This login box will not accept any
> username or password but if you press Cancel
> it displays the resource anyway
This sounds like the URL of the menus have other authentication enabled
because if it was just Basic, then it should just display (browser should be
configured to auto-authenticate using Basic and this should just
automatically work). If it displays when you hit cancel, it probably means
that anonymous authentication is enabled but anonymous user is
misconfigured -- so the web browser keeps trying anonymous failing -- but
when you hit cancel, the browser auto-authenticates using your user identity
and that works, so it succeeds.
The continuous prompting simply says that something is misconfigured on your
server and has nothing to do with the resource type.
-- //David IIS http://blogs.msdn.com/David.Wang This posting is provided "AS IS" with no warranties, and confers no rights. // "Stephen Ellis" <StephenEllis@discussions.microsoft.com> wrote in message news:69BCFAFC-6E40-4841-A126-60A5DB3CED4E@microsoft.com... Hi David Thanks for responding. I set Basic Authentication at the Virtual Directory level and it appears that this setting is carried down for all urls off of the VD. Is this what you meant? Thanks again Stephen "David Wang [Msft]" wrote: > Sounds like you have anonymous authentication enabled for those URLs, and > the anonyomus user credential configured in IIS is invalid. > > -- > //David > IIS > http://blogs.msdn.com/David.Wang > This posting is provided "AS IS" with no warranties, and confers no rights. > // > "Stephen Ellis" <StephenEllis@discussions.microsoft.com> wrote in message > news:19896939-28F5-482C-A87C-127C1E8EAD9D@microsoft.com... > I have a problem displaying some of the pages on our web server. The server > is a Windows 2003 server (IIS 6.0) that has two web sites separated by host > headers. The setup is really simple, with a mix of asp and static HTML > pages. > I haven't really done anything fancy configuration-wise. We secure some of > our online learning resources via Basic Authentication (No SSL as yet I'm > afraid) and NTFS permissions. The user clicks on a link to a resource and is > prompted for their username and password, this is accepted and they are > shown > a menu of resources to choose. They click on one of the links and a login > box > appears again. This login box will not accept any username or password but > if > you press Cancel it displays the resource anyway. I've checked all the NTFS > permissions up and down the folder structure and everything carries through > correctly. I've also checked the IIS logs, but they do not throw up > anything. > The only thing I can think the problem can be is to do with the way IIS > handles security of .js files as the resources use this within the HTML? Can > anyone help me try to troubleshoot this? I would be forever grateful. > Thanks in advance. > > Stephen > > >
- Next message: David Wang [Msft]: "Re: File System Object Lockdown...possible?"
- Previous message: Scott: "Re: Freeware ssl-ftp client wrapper available"
- Maybe in reply to: David Wang [Msft]: "Re: IIS continually prompting users for their password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
