Re: IIS Authentication page problem

From: Vinodk (vinodk_sct_at_NO_SPAM_hotmail.com)
Date: 05/20/04 

Date: Thu, 20 May 2004 08:36:56 +0530

I've checked the same. The ONLY concern here is it works great on XP
machines and behaves differently on Windows 2000 and Windows NT machines :(.
So I think there should be a patch somewhere at OS level or IIS level. 

-- 
HTH,
Vinod Kumar
MCSE, DBA, MCAD, MCSD
http://www.extremeexperts.com
Books Online for SQL Server SP3 at
http://www.microsoft.com/sql/techinfo/productdoc/2000/books.asp
"Andrey P" <andrey@paramonov.pp.ru> wrote in message
news:10amtk344pndcec@news.supernews.com...
> Vinodk wrote:
>
> > Hi all,
> >
> > I faced a strange problem in one of our applications. We have a Web
> > application. The virtual directory is set to anonymous authentication
under
> > the security. From the default page we redirect to a second page. This
page
> > is set to Integrated authentication. and from there on the application
gets
> > redirected to multiple pages.
> >
> > Now the scenaio:
> >
> > Under the IE options I've Prompt for Username and Password is set. Have
been
> > using IE 6.0 SP1 on all the machines.
> >
> > In Windows XP machine:
> >     1. The user get the default page without asking any authentication
> > requirements
> >     2. On click of a submit button. He gets redirected to the second
page
> > and a popup asking for username password is prompted.
> >     3. The user CANNOT navigate out of this page without any username
and
> > password. He is forced to enter the same. This is the desired behaviour.
If
> > the user refuses to enter then authentication error page is displayed.
Cool
> > and no problems so far.
> >
> > In Windows NT SP 6a and Windows 2000 SP4
> >     1. The user get the default page without asking any authentication
> > requirements
> >     2. On click of a submit button. He gets redirected to the second
page
> > and a popup asking for username password is prompted.
> >     3. The user clears all the username / password etc and presses on
ok.
> > This just authenticates him forward.
> > Strangely, if this doesnt work, then try entering a valid username/pwd
and
> > set save pwd and go once to the second page. Close the previous instance
and
> > open a new browser instance, on click from first page the authentication
> > information comes up. Now clear all the username/pwd fields and press
OK.
> > Now the page gets through.
> >
> > Is this any IIS error or a OS error. DO we have any patch or KB article
> > explaining the same. Any pointers to the same would be of great help.
> >
> > Thanks,
>
> Well,
>
> I would check and re-check all the permissions on all the folders under
> web root. NB! when you changed url in client's browser which requires
> authentication *and* an user typed username/password - it's no anonymous
> user for a web server anymore, and all the access to all the files is
> granted based on *that* authenticated user permissions - so, check all
> the includes / global.asa etc to have correct permissions.
>
> If nothing help  - try to track the problematic file using FileMon from
> http://www.sysinternals.com
>
> -Andrey