Re: Basic Authentication fails with Error 401.2 where Integrated succe
- From: David Wang <w3.4you@xxxxxxxxx>
- Date: Wed, 24 Oct 2007 22:31:38 -0700
On Oct 24, 1:45 am, Jude Fisher <JudeFis...@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote:
Hi,
I'm a developer rather than a server tech and I've run into some problems
configuring a website.
An external provider we're using requires that a specific script be in a
directory that is protected by Basic Authentication. This isn't something
I've had to do before so I've been stumbling along following the KB
instructions. I've set up a test directory but I can't seem to get
authentication working properly. Here are the details:
I'm running IIS 6 on Windows Server 2003 with Asp.Net 1.1 and 2.0 both
installed.
The directory is configured with regular read priveleges, no scripts or
executables for the moment. The page inside the directory that I am using for
testing is just a plain html page with one line of text in it.
The directory is configured in IIS with only Basic Authentication checked
(Anonymous access, digest and integrated access are all cleared) and the
domain and realm fields are empty.
I have a limted access account I want to use for this but for testing I've
also tried my administrator account, which has priveleges to the folder and
also local log on priveleges for the machine. Problems are consistent
whichever account is used.
The error occurs whether I'm connecting remotely or (through remote desktop)
via localhost, which should rule out any proxies.
The error returned is HTTP Error 401.2 - Unauthorized: Access is denied due
to server configuration.
*IMPORTANT* (I'm hoping this points directly to the problem!) - If I check
the integrated authentication box in the IIS security configuration, suddenly
the log in works. If I clear it so only basic is checked, it breaks again.
Thanks in advance for any assistance.
Yes, your last detail points directly to the problem.
Here is the meaning of 401.2 and how to troubleshoot it:
http://blogs.msdn.com/david.wang/archive/2005/07/14/HOWTO_Diagnose_IIS_401_Access_Denied.aspx
Basically, you have said that enabling Integrated Authentication makes
401.2 go away, which tells me that the client is using Integrated
Authentication and NOT Basic Authentication.
If the external provider is using basic authentication against your
IIS configuration, then IIS will NOT return 401.2 given your stated
configuration. Meanwhile, if the client is using Integrated
authentication, IIS will return 401.2 UNTIL Integrated Authentication
is enabled.
The latter is exactly what you observed.
This issue has nothing to do with the user account used (you've
verified), and you've thankfully eliminated proxying as a source of
altering authentication schemes.
I suggest you go back to your external provider for them to clarify
their requirements because they are not doing what they say. Either
they change to require Integrated Auth, or they change their code to
actually use Basic auth.
//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//
.
- Follow-Ups:
- Re: Basic Authentication fails with Error 401.2 where Integrated s
- From: Jude Fisher
- Re: Basic Authentication fails with Error 401.2 where Integrated s
- Prev by Date: Re: Basic Authentication fails with Error 401.2 where Integrated s
- Next by Date: Re: Basic Authentication fails with Error 401.2 where Integrated s
- Previous by thread: Re: Basic Authentication fails with Error 401.2 where Integrated s
- Next by thread: Re: Basic Authentication fails with Error 401.2 where Integrated s
- Index(es):
Relevant Pages
|
