Re: Windows Only Authentication

From: Fox (_at_)
Date: 10/22/03

  • Next message: Jasper Smith: "Re: Simple SQL Security Question From SQL Newbie"
    Date: Wed, 22 Oct 2003 17:29:07 -0400
    
    

    I was a bit wrong in the last message.
    It appears that the user must access
    an ASP page in a non-secured
    folder before they will be able to
    access an ASP page in the secured folder.
    That is weird, since they are already
    logged into the secured folder.

    To get around this I made one of the
    pages in the "default" framed page be
    an ASP page, located in a non-secured
    folder. I know this all sounds strange
    but it is how it is working.

    Do you have any idea why this is
    happening ?

    Regards,
    Fox

    "Fox" <fox @ connexions .net> wrote in message
    news:OcfHPfMmDHA.1096@TK2MSFTNGP11.phx.gbl...
    > Hi Sue,
    >
    > Thanks for your pointers. I went on a journey
    > and made some changes which work almost perfectly.
    >
    > One of my problems seems to have been that although
    > I selected "Authenticated Access" (cleart text PW)
    > in IIS, I did not deselect the challenge phrase option.
    > I see in my logs that this changed how the username
    > was logged, so it must also effect the login. With challenge
    > phrase also selected, the log showed "machinename/username".
    > With this deselected the log shows only "username".
    >
    > I made sure that all of my SQL options in Enterprise referred to
    > only "Windows Authentication". I gave access to all tables
    > as needed and gave read/list/read execute access in the folder
    > on the machine.
    >
    > OK, here is the weird part. The only way this works is as follows.
    > The user goes to the secured folder and of course is asked to log in.
    > At this point the logs show they are logged into IIS. The default page
    > is an HTM extension (framed with two more HTM files called within).
    > Note that if the default file has an "ASP" extension the user is asked to
    > login again, but cannot. Although now logged into IIS 5.0,
    > Windows 2000 server, via the default.htm, at this point they cannot
    > access any ASP files. If they try, they are again asked to log in.
    > However, if I have them manually click to access an HTM file
    > they can access that and then can access all ASP files and tables
    > and queries set up for them. It takes accessing another HTM file
    > before they can access any ASP files. It would seem this is a bug
    > or some kind of abberration. But hopefully it is not. Have you
    > any idea what might be going on and if there is a way to get past this
    > other than making them click on an HTM file before beginning.
    >
    > Thanks,
    > Fox
    >
    > "Sue Hoegemeier" <Sue_H@nomail.please> wrote in message
    > news:rk1bpv8kje73u5g6413hog4oqp3hnbshhj@4ax.com...
    > > SQL Server Agent isn't necessarily required. If you aren't
    > > using jobs, alerts, etc you can leave the service off.
    > > Authentication depends on how you have IIS configured.
    > > You can find more information on this subject in the
    > > following articles:
    > > INF: Authentication Methods for Connections to SQL Server in
    > > Active Server Pages
    > > http://support.microsoft.com/?id=247931
    > > INFO: Accessing SQL Server with Integrated Security from ASP
    > > http://support.microsoft.com/?id=176377
    > > The following is a good article on IIS and SQL Server 2000
    > > authentication configuration issues:
    > > http://www.win2000mag.com/articles/index.cfm?articleid=23035
    > >
    > > -Sue
    > >
    > > On Tue, 21 Oct 2003 14:53:13 -0400, "Fox" <fox @ connexions
    > > .net> wrote:
    > >
    > > >Does "Windows Only" authenthication in a SYSTEM DSN
    > > >work only on the local network or does it work for those
    > > >accessing from a website ?
    > > >
    > > >IS SQL Server Agent necessary ?
    > > >I have a simple setup with a few databases that do
    > > >nothing spectacular. I am on Windows 2000 server
    > > >and I do not use Active Directory. Most logins
    > > >are just me and my wife, locally. The only other type
    > > >of access neeeded besides public, is for a few
    > > >users who are able to select, input and delete
    > > >some info.
    > > >
    > > >Regards and thanks,
    > > >Fox
    > > >
    > > >
    > >
    >
    >


  • Next message: Jasper Smith: "Re: Simple SQL Security Question From SQL Newbie"

    Relevant Pages

    • Re: Windows Only Authentication
      ... >access an ASP page in the secured folder. ... >> At this point the logs show they are logged into IIS. ... >> they can access that and then can access all ASP files and tables ... It takes accessing another HTM file ...
      (microsoft.public.sqlserver.security)
    • Re;
      ... Publisher produces fixed width pages, that are left justified by design. ... index_files folder if you are using the subfolder option) to a folder on ... Open each *.htm file in NotePad by right clicking the file> open with> ... If you are using the subfolder option in Pub 2003 or 2007, ...
      (microsoft.public.publisher.webdesign)
    • Re: Access97 DB locks up the asp code at times
      ... of these users created the query off the asp and that's the problem. ... but I could never see the employee.ldb on the folder ... I'll chat with our IT group about setting the proper permissions. ... All database users, including the IUSR_MachineName account, need ...
      (microsoft.public.inetserver.asp.general)
    • Re: Drop down is not displaying over frames
      ... This will work with all your pages, no matter which folder they are in, so you only have the single copy of ADOVBS.INC to edit. ... dwt pages instead of frames) I would have to move ADOVBS.INC to the root ... subfolders - does that mean that if I wanted to always include the asp footer ...
      (microsoft.public.frontpage.programming)
    • Re: Https Redirects with IIS?
      ... you can actually scriptmap an INDIVIDUAL HTM file to ASP while all ... This cannot happen transparently on the server (by switching between port 80 ... individual HTM files to be executed by ASP (but not impact any other HTM ... > .HTM is processed as a static file is because of the .ASP ScriptMap. ...
      (microsoft.public.inetserver.iis)