IIS6 and AuthPersistence
- From: Darren Syzling <"dsyzling <nospam>
- Date: Tue, 28 Feb 2006 15:42:44 +0000
I wonder if anyone can clear up the confusion around the AuthPersistence metabase attribute and IIS 6. Currently if a site is defined to use integrated authentication under IIS 6 each request causes a 401 challenge/response. Under previous versions this behavior could be optimised to only challenge on a session or possibly as long as the socket connection was kept open. This prevented constant 401s when returning a single page.
The following link:
http://technet2.microsoft.com/WindowsServer/en/Library/35d4445b-5440-4dc8-80f3-cea51b23abbc1033.mspx
Suggests that the only valid value for AuthPeristence with IIS 6 is AuthPersistSingleRequest and that each request will generate a challenge. However under two conditions - Integrated Auth is set to NTLM or Integrated Auth is set to Negotiate and NTLM is used - this value will be false and the previous behavior will be supported for backward compatibility. Which I read as we can optimise the challenge response protocol if NTLM is used.
Another version of the document above was provided with the IIS 6 resource kit and this claims the behavior has been removed and the only supported value us AuthPersitSingleRequest.
So can the 401 behavior for integrated authentication be optimised? Or are we stuck with 3 round trips for each server request with IIS 6?
Appreciate any help around this area.
Darren
.
- Prev by Date: Re: IE prompts for a password when using anonymous authentication
- Next by Date: IIS Authentication, FSO and Form Methods
- Previous by thread: Re: IE prompts for a password when using anonymous authentication
- Next by thread: IIS Authentication, FSO and Form Methods
- Index(es):
Relevant Pages
|
