Re: Code runs until Basic Authentication or Digest Authentication

From: BMeyer (bmeyer_at_community.nospam)
Date: 10/26/05 

Date: Wed, 26 Oct 2005 07:54:03 -0700

Thanks for the quick reply. It sounds like you're saying that our code/logic
is probably fine, but we've either got IIS or something to tweak in
web.config?

"Kenneth Koh" wrote:

> Hi Bmeyer
>
> Steven's absolutely right.
> Take a look at this, IIS first, then the ASP.net settings.
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/authaspdotnet.asp
>
>
> Good luck!
> Kenneth
>
> "Steven Cheng[MSFT]" <stcheng@online.microsoft.com> wrote in message
> news:qutGVld2FHA.1144@TK2MSFTNGXA01.phx.gbl...
> > Thanks for Ken's inputs.
> >
> > Hi Bmeyer,
> >
> > As ken mentioned, no matter we specify the credential in web.config's
> > identity/impersonate element or not, the client always need to supply the
> > clientside credential (if IIS anonymous access is turn off). Also, I'm
> > not
> > sure how are you accessing the asp.net web application, through client
> > browser(interactively) or through other webrequest components (like
> > httpwebrequest) programmatically? If convenient, would you provide us
> > some
> > detailed background of your applicaiton's logic?
> >
> > Thanks,
> >
> > Steven Cheng
> > Microsoft Online Support
> >
> > Get Secure! www.microsoft.com/security
> > (This posting is provided "AS IS", with no warranties, and confers no
> > rights.)
> >
> >
> >
> >
> > --------------------
> > | From: "Ken Schaefer" <kenREMOVE@THISadOpenStatic.com>
> > | References: <5B162BE5-1935-4FF3-8900-A430A9CB68A0@microsoft.com>
> > | Subject: Re: Code runs until Basic Authentication or Digest
> > Authentication is r
> > | Date: Wed, 26 Oct 2005 12:28:44 +1000
> > | Lines: 29
> > | X-Priority: 3
> > | X-MSMail-Priority: Normal
> > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
> > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
> > | Message-ID: <OwXa#Td2FHA.1276@TK2MSFTNGP09.phx.gbl>
> > | Newsgroups: microsoft.public.inetserver.iis.security
> > | NNTP-Posting-Host: 203.53.153.82
> > | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09.phx.gbl
> > | Xref: TK2MSFTNGXA01.phx.gbl
> > microsoft.public.inetserver.iis.security:8811
> > | X-Tomcat-NG: microsoft.public.inetserver.iis.security
> > |
> > | Supplying a username/password in web.config does not mean that the user
> > | doesn't supply credentials.
> > |
> > | Questions that you need to answer:
> > | a) Do you want the user to have to authenticate (i.e. supply Windows
> > | credentials)?
> > | b) Do you have your authentication mode set to Windows in your
> > web.config
> > | file?
> > | c) Are you trying to have ASP.NET impersonate the supplied user
> > credentials?
> > | Or do you want ASP.NET to run under a fixed user identity?
> > |
> > | Cheers
> > | Ken
> > |
> > | "BMeyer" <bmeyer@community.nospam> wrote in message
> > | news:5B162BE5-1935-4FF3-8900-A430A9CB68A0@microsoft.com...
> > | : We have Windows 2003 server running IIS 6.0.
> > | :
> > | : Have an application that creates ASPX session variables based on
> > values
> > | : found in ASP session cookie.
> > | :
> > | : Works great if anyonymous is allowed. Once Basic or Digest Auth is
> > | : required, we get 401 errors. We've even included a default user
> > account
> > | : username,pwd and domain in our web.config file to try and pass the
> > | : credentials manually. Still no luck.
> > | :
> > | : Need to open a case on this one via MSDN so you can try to run our
> > code
> > |
> > |
> > |
> >
>
>
>

Relevant Pages

  • Re: Active Directory Authentication in IIS 6
    ... I just installed ldp.exe and have no problems using the same credentials ... used in the code to connect and bind. ... settings in IIS, but I am not sure where to look. ... and Integrated Windows Authentication is checked. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: IIS6 - Virtual Directory to URL share, authentication problems.
    ... passing credentials across from webserver -> remote file server ... requires Kerberos (if IIS doesn't have the user's password), ... you won't get automatic logon. ... is that the "secure" authentication mechanisms do ...
    (microsoft.public.inetserver.iis.security)
  • Re: custom page for user credentials?
    ... credentials against the various domains. ... after the user authenticates with IIS handling the SSPI Negotiation. ... possible for IIS6 to link a Passport user account to an AD user account -- ...
    (microsoft.public.inetserver.iis.security)
  • Re: AD queries. Please, prove me being wrong...
    ... If you want to impersonate the authenticated user ... Kerberos delegation in AD to allow the web app to have the rights to ... delegate the user's credentials to AD. ... means that you must ensure that you use IWA auth in IIS and ensure that IWA ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Web Single Sign On
    ... IIS site is configured to require IWA and sends a 401.1 response to the ... Windows credentials to the server, ... My web application sits on IIS located outside the domain. ... common identity is the user's username used to logon to the domain/active ...
    (microsoft.public.dotnet.framework.aspnet.security)