Re: Windows 2003 - IIS 6 - local CGI Authentication problem.
From: David Wang [Msft] (someone_at_online.microsoft.com)
Date: 10/07/04
- Next message: Tony Proctor: "Help! Defunct IIS threads"
- Previous message: David Wang [Msft]: "Re: [IIS6] Cookieless : control HTTP 302"
- In reply to: Jacques Garcia Vazquez: "Re: Windows 2003 - IIS 6 - local CGI Authentication problem."
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 7 Oct 2004 01:56:12 -0700
When referring to non-released software, please provide the build number for
proper identification
For example, you may be using an earlier build prior to the issue being
fixed.
-- //David IIS This posting is provided "AS IS" with no warranties, and confers no rights. // "Jacques Garcia Vazquez" <jgv at FlexsysBelgium dot com> wrote in message news:eVBokiDrEHA.1952@TK2MSFTNGP12.phx.gbl... Hi David, For your information: after installing the service pack 1 beta, my initial problem (console authentication) was solved. But the Remote desktop problem is still there. Jacques "David Wang [Msft]" <someone@online.microsoft.com> wrote in message news:%23cKjD74qEHA.3760@TK2MSFTNGP09.phx.gbl... > Unfortunately, I cannot repro your remaining question regarding Integrated > authentication + CGI on the local machine. Many of our tests run in this > fashion without any unexpected 401 (that is what triggers the browser to > popup the login dialog). They just use the default values. > > -- > //David > IIS > This posting is provided "AS IS" with no warranties, and confers no > rights. > // > "Jacques Garcia Vazquez" <jgv at FlexsysBelgium dot com> wrote in message > news:uwKYwX3qEHA.2564@TK2MSFTNGP10.phx.gbl... > Many thanks David, > >>>this is a browser behavior, not server. > > I agree with you. But our cgi is in the same directory tree. ie: > > http://localhost/toto/index.htm will call > http://localhost/toto/bin/exe.exe/ttoto > > So since the entire site is under authentication control and the browser > correctly identify the user on all page but the cgi, then I think there is > a > problem elsewhere. > Further more, if I trace the call to the cgi with authdiag in real time, I > see some authentication tokens sent by the browser. So my question > unfortunatly remains open. > > For the CGI error, then I will try to install the SP1. > > Thanks again > Jacques > > > > "David Wang [Msft]" <someone@online.microsoft.com> wrote in message > news:OHXgDk2qEHA.3876@TK2MSFTNGP15.phx.gbl... >> Regarding the authentication dialogs -- that is by design. Browsers may >> choose to auto-authenticate depending on how you access the server -- so >> this is a browser behavior, not server. >> >> i.e. >> http://127.0.0.1/secure/cgi.exe >> http://localhost/secure/cgi.exe >> http://server/secure/cgi.exe >> http://server.domain.com/secure/cgi.exe >> >> Can all have different authentication behaviors. >> >> >> Regarding the CGI failure over Remote Desktop -- it looks like a >> previously >> reported issue that has been fixed in Windows Server 2003 SP1. >> >> This only happens when you are browsing the website LOCALLY on the >> server, >> against a CGI, involving NTLM authentication, and optionally over Remote >> Desktop (just need a different console Desktop, and Remote Desktop is one >> way to do that). Basically, these circumstances affect the type of user >> token that IIS obtains which eventually prevents IIS calling >> CreateProcessAsUser to launch the CGI EXE, and hence you get 500. >> >> -- >> //David >> IIS >> This posting is provided "AS IS" with no warranties, and confers no >> rights. >> // >> "Jacques Garcia Vazquez" <jgv at FlexsysBelgium dot com> wrote in message >> news:uIsHxgvqEHA.1964@TK2MSFTNGP12.phx.gbl... >> Hi All, >> >> We have a web site (virtual directory) with authentication set to >> "integrated windows authentication". >> This web site call a cgi (.exe). >> The directory (since the cgi is part of the site directory) is secured >> correctly - (well I hope). >> The CGI is correctly defined in the Web service extensions. >> >> Everything is working correctly when working from the network that means >> that IE don't request a user name and password and authenticate the user >> correctly (which means for me that IE send the correct user). >> >> If we try to work on the server directly on the console, the logon dialog >> is >> displayed when the cgi is called (but not with the normal html pages). If >> we >> reintroduce the same user account as the one currently logged in, every >> thing is fine till IE is closed. This behavior is constant whatever >> account >> we used, even with the local administrator account. The security log >> don't >> show any error. >> >> The first question is how to make working the integrated authentication >> when >> working on the console ? >> >> Now if we connect with an XP desktop with a remote desktop connection, >> and >> we start browsing then we get a 500 error when trying to use the CGI. Any >> idea are welcome. >> >> Thanks for your time. >> Jacques Garcia Vazquez >> >> >> >> >> >> >> >> > > >
- Next message: Tony Proctor: "Help! Defunct IIS threads"
- Previous message: David Wang [Msft]: "Re: [IIS6] Cookieless : control HTTP 302"
- In reply to: Jacques Garcia Vazquez: "Re: Windows 2003 - IIS 6 - local CGI Authentication problem."
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
