Re: Websites require a login

Okay.

It's *my* understanding (and I'm not a security expert) that when using
integrated windows authentication you are using NTLM authentication or
Kerberos, depending on the situation. NTLM is used, typically, outside an
Active Directory domain, or when the client is connecting to another Active
Directory forest. Kerberos, on the other hand, is used for authentication in
Windows 2000 and 2003 via Active Directory. I could be wrong on this, but
that's my understanding.

Also per my understanding is that Kerberos tokens can be passed; so the idea
is that you need to log in once and have your credentials passed around with
you - it's a convenience factor. In this sense, passing the credentials to
IIS lays on the shoulders of the web browser (well, in your particular
situation).

Please check the following bits of information (please get back to me as I
would be interested in whether these work):

Make sure IE's Intranet zone security is set to Automatic Logon only in
intranet zone. IE will only pass credentials automatically if it identifies
the URL which you are using points to an internal location; and so if there
are periods (.) in the address, IE will consider it an external address and
so no credentials will be passed automatically.

Make sure you're using Internet Explorer. I know, this is probably a
no-brainer, but for the sake of completeness I'm mentioning it.

Make sure Windows Integrated authentication is enabled in the IIS security
properties for that web site.

....basically it is on the shoulders of Internet Explorer to pass the
security credentials on to the server; so check there first.

You are sure you didn't accidentally turn on Basic or Digenst authentication
methods, correct?

--
~~~~~~~~~~~
Ben Rush
http://www.ben-rush.net/blog


"Kat" <KatMagicBlue@xxxxxxxxx> wrote in message
news:uDdhGsheHHA.588@xxxxxxxxxxxxxxxxxxxxxxx
Not so. up until a few days ago, I did not have to log in to a web site
once I was already logged in to a system. I do not know what changed.
The point of integrated security is to use the authentication of the user
that is logged in.


"Juan T. Llibre" <nomailreplies@xxxxxxxxxxx> wrote in message
news:O5Te%23WheHHA.928@xxxxxxxxxxxxxxxxxxxxxxx
re:
Every time I attempt to run a localhost website, it asks me for a login,
as if I am not a user on the local machine.

Just because you're logged into Windows
doesn't mean you don't have to logon to an http connection.

re:
I am using windows authentication

That's why the server is requiring a login.

re:
I am the admin of this machine, how can I not be authorized?

Because logging into Windows is different than logging into a web
application.

re:
If anyone has any ideas of what to do, let me know!

Either :

a) use anonymous authentication
or
b) login when requested






Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"Kat" <KatMagicBlue@xxxxxxxxx> wrote in message
news:u2V8WJheHHA.4868@xxxxxxxxxxxxxxxxxxxxxxx
Every time I attempt to run a localhost website, it asks me for a login,
as if I am not a user on the local machine. I am a user on the local
machine, I am an admin on the local machine. I am not on a network. I
have windows xp professional installed, iis is installed and until
recently everything worked fine. I am using windows authentication, and
have changed everything I can think of to full control, even the
Everyone, the vs develoeprs, the debugger users, and every account on
this machine, just to see if authorization is the problem. Still
requires a login. If I login with the same login I have already logged
in with, it works, if I do not login I get a "You are not authorized"
message. I am the admin of this machine, how can I not be authorized?
If anyone has any ideas of what to do, let me know! Thanks for your
help.







.

Relevant Pages

  • Re: Enabling telnet, ftp, pop3 for root...
    ... Where did I say ANYTHING about not using authentication. ... You're presenting it like direct root login would be a total security ... DON'T have access to the port. ...
    (alt.os.linux)
  • Re: Enabling telnet, ftp, pop3 for root...
    ... Where did I say ANYTHING about not using authentication. ... You're presenting it like direct root login would be a total security ... The ssh account is only used for remote login. ... secret to get to your SSH port is as easy as sniffing. ...
    (alt.os.linux)
  • Re: How to SELECT records based upon ASP.NET Roles
    ... security principals directly. ... be able to use SQL row-level security as well (which is something I've never ... When using Windows ... authentication in IIS, this will be a WindowsPrincipal object, but it would ...
    (microsoft.public.dotnet.security)
  • Re: How to SELECT records based upon ASP.NET Roles
    ... security principals directly. ... also be able to use SQL row-level security as well (which is something ... using Windows authentication in IIS, ...
    (microsoft.public.dotnet.security)
  • RE: Combine Forms Authentication with Windows
    ... | Subject: RE: Combine Forms Authentication with Windows ... since those internal users need to call ... | | So you need integraded security, this means that the users need ...
    (microsoft.public.dotnet.general)