Re: can someone explain this weird behaviour?
- From: "David Wang" <w3.4you@xxxxxxxxx>
- Date: 11 Apr 2007 04:13:58 -0700
I do not know what you mean by "Map security" because that is not IIS
terminology nor within its UI. I assume you mean "VDir security"
because you talk about "virtual maps under Default Website" and there
are only "virtual directories under Default Website" in IIS parlance.
Why things work/not work completely depends on the specifics of the
custom authentication protocol that you are using, which in this case
comes from ASP.Net and has nothing to do with IIS. There is likely a
logical explanation based on an understanding of the IIS and ASP.Net
request pipeline interaction, especially with security and
authentication since that is where both pipelines overlap and can
conflict, but that discussion is beyond the scope of casual
discussion. You can start with some articles from my blog at
http://blogs.msdn.com/David.Wang , but they only touch the tip of the
iceberg of how messy it can be prior to IIS7. This issue is first
resolved with managed extensibility in IIS7.
When using custom authentication, all URL involved with custom
authentication MUST be under anonymous authentication within IIS
configuration. Behavior may be unexpected otherwise. I suspect that
either the login or redirection URL are different between the apps
that you observe as always working or works only when Default website
has anonymous authentication enabled.
//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//
On Apr 10, 2:33 am, "Mich" <m...@xxxxx> wrote:
Hi,
The situation: windows xp pro sp2 (IIS 5.1).
In the windows of IIS management, all virtual maps are under "Default
website".
The property "Map security" is first set on "Windows Integrated
Authentification".
There is a virtual map with property "Map security" set to "Anonymous
allowed" because this asp.net application is for anonymous users who must
login before they can perform some actions in the webapplication.
.
There are a login control, a creatuserwizard, password recovery .... in the
login.aspx. There is ASPNETDB.mdf located in dir. App_Data.
Now, when a user tries to login (or to create a new membership user),
notyhing happens (user is not logged or no new membership is created) but
there no error.
After hours searching the solution, I changed the property "Map security"
of the Default website to "Anonymous allowed" and ... eveything works!!
My question is: why does it not work when the property "Map security" of the
Default website is set to "Win. Integ. Auth" and it works when it is set to
"Anonymous"? It's like the property of the virtual map is overruled by the
property of the Default website...
Another virtual map with property "Map security" set to "Win. Integ. Auth"
works always, whatever is the property "Map security" of the Default
Website (anonymous or win. int. auth).
Thanks for explanation about this.
Mich
.
- References:
- can someone explain this weird behaviour?
- From: Mich
- can someone explain this weird behaviour?
- Prev by Date: Re: server certificate greyed out
- Next by Date: Programmatically mapping certificate to user account in IIS
- Previous by thread: can someone explain this weird behaviour?
- Next by thread: Re: can someone explain this weird behaviour?
- Index(es):
Relevant Pages
|
