|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
credentials not going to IIS automaticallyI am having a problem where IIS wants me to log in where IIS is on a Win 2003 server on the same domain as I am on on my workstation. This is for an ASP.NET 2.0 app (that I am writing) set to use Windows authentication. When running from VS 2005 using the integrated webserver, the website knows who I am and I have zero signon. But when I copy the website to IIS on Win2003 it pops up the dialog box asking me to sign in. I enter my domain\username and password and then it all works fine. Why am I getting prompted for my uname/pw? The server is on the same domain as is my workstation. Is there something I need to set on IIS so it asks IE to automatically pass my credentials across? My web.config is: <authentication mode="Windows"/> <identity impersonate="true"/> <authorization> <allow roles="windward\Windward Administrators, windward\Windward Users"/> <deny users="*"/> </authorization> <roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider" /> -- thanks - dave david_at_windward_dot_net http://www.windwardreports.com Cubicle Wars - http://www.windwardreports.com/film.htm Please give the exact URL that you use to access this web application
when it asks for password. I suspect it looks like: http://www.domain.com/WebApp.aspx In which case your issue is with the browser not auto-authenticating with the server. Once you configure authentication in IIS, IIS will ALWAYS ask for credentials from the client. The question is whether the client provides the credentials without prompting the user, and that depends on browser configuration. Nothing IIS can do because that would be a security flaw. //David http://w3-4u.blogspot.com http://blogs.msdn.com/David.Wang // David Thielen wrote: Show quoteHide quote > Hi; > > I am having a problem where IIS wants me to log in where IIS is on a Win > 2003 server on the same domain as I am on on my workstation. > > This is for an ASP.NET 2.0 app (that I am writing) set to use Windows > authentication. When running from VS 2005 using the integrated webserver, the > website knows who I am and I have zero signon. > > But when I copy the website to IIS on Win2003 it pops up the dialog box > asking me to sign in. I enter my domain\username and password and then it all > works fine. > > Why am I getting prompted for my uname/pw? The server is on the same domain > as is my workstation. Is there something I need to set on IIS so it asks IE > to automatically pass my credentials across? > > My web.config is: > > <authentication mode="Windows"/> > <identity impersonate="true"/> > <authorization> > <allow roles="windward\Windward Administrators, windward\Windward Users"/> > <deny users="*"/> > </authorization> > <roleManager enabled="true" > defaultProvider="AspNetWindowsTokenRoleProvider" /> > > -- > thanks - dave > david_at_windward_dot_net > http://www.windwardreports.com > > Cubicle Wars - http://www.windwardreports.com/film.htm How can I set this to test? Because my same IE on the same system does pass
the credentials to the VS 2005 web server. -- Show quoteHide quotethanks - dave david_at_windward_dot_net http://www.windwardreports.com Cubicle Wars - http://www.windwardreports.com/film.htm "David Wang" wrote: > Please give the exact URL that you use to access this web application > when it asks for password. > > I suspect it looks like: > http://www.domain.com/WebApp.aspx > > In which case your issue is with the browser not auto-authenticating > with the server. Once you configure authentication in IIS, IIS will > ALWAYS ask for credentials from the client. The question is whether the > client provides the credentials without prompting the user, and that > depends on browser configuration. Nothing IIS can do because that would > be a security flaw. > > > //David > http://w3-4u.blogspot.com > http://blogs.msdn.com/David.Wang > // > > > David Thielen wrote: > > Hi; > > > > I am having a problem where IIS wants me to log in where IIS is on a Win > > 2003 server on the same domain as I am on on my workstation. > > > > This is for an ASP.NET 2.0 app (that I am writing) set to use Windows > > authentication. When running from VS 2005 using the integrated webserver, the > > website knows who I am and I have zero signon. > > > > But when I copy the website to IIS on Win2003 it pops up the dialog box > > asking me to sign in. I enter my domain\username and password and then it all > > works fine. > > > > Why am I getting prompted for my uname/pw? The server is on the same domain > > as is my workstation. Is there something I need to set on IIS so it asks IE > > to automatically pass my credentials across? > > > > My web.config is: > > > > <authentication mode="Windows"/> > > <identity impersonate="true"/> > > <authorization> > > <allow roles="windward\Windward Administrators, windward\Windward Users"/> > > <deny users="*"/> > > </authorization> > > <roleManager enabled="true" > > defaultProvider="AspNetWindowsTokenRoleProvider" /> > > > > -- > > thanks - dave > > david_at_windward_dot_net > > http://www.windwardreports.com > > > > Cubicle Wars - http://www.windwardreports.com/film.htm > > It depends on the browser.
IE's auto-login feature is tied to the Zone that it classifies the address. http://namewithoutdots goes to Intranet zone which has autologin http://name.with.dots goes to Internet zone whit does not autologin // http://w3-4u.blogspot.com http://blogs.msdn.com/David.Wang // David Thielen wrote: Show quoteHide quote > How can I set this to test? Because my same IE on the same system does pass > the credentials to the VS 2005 web server. > > -- > thanks - dave > david_at_windward_dot_net > http://www.windwardreports.com > > Cubicle Wars - http://www.windwardreports.com/film.htm > > > > > "David Wang" wrote: > > > Please give the exact URL that you use to access this web application > > when it asks for password. > > > > I suspect it looks like: > > http://www.domain.com/WebApp.aspx > > > > In which case your issue is with the browser not auto-authenticating > > with the server. Once you configure authentication in IIS, IIS will > > ALWAYS ask for credentials from the client. The question is whether the > > client provides the credentials without prompting the user, and that > > depends on browser configuration. Nothing IIS can do because that would > > be a security flaw. > > > > > > //David > > http://w3-4u.blogspot.com > > http://blogs.msdn.com/David.Wang > > // > > > > > > David Thielen wrote: > > > Hi; > > > > > > I am having a problem where IIS wants me to log in where IIS is on a Win > > > 2003 server on the same domain as I am on on my workstation. > > > > > > This is for an ASP.NET 2.0 app (that I am writing) set to use Windows > > > authentication. When running from VS 2005 using the integrated webserver, the > > > website knows who I am and I have zero signon. > > > > > > But when I copy the website to IIS on Win2003 it pops up the dialog box > > > asking me to sign in. I enter my domain\username and password and then it all > > > works fine. > > > > > > Why am I getting prompted for my uname/pw? The server is on the same domain > > > as is my workstation. Is there something I need to set on IIS so it asks IE > > > to automatically pass my credentials across? > > > > > > My web.config is: > > > > > > <authentication mode="Windows"/> > > > <identity impersonate="true"/> > > > <authorization> > > > <allow roles="windward\Windward Administrators, windward\Windward Users"/> > > > <deny users="*"/> > > > </authorization> > > > <roleManager enabled="true" > > > defaultProvider="AspNetWindowsTokenRoleProvider" /> > > > > > > -- > > > thanks - dave > > > david_at_windward_dot_net > > > http://www.windwardreports.com > > > > > > Cubicle Wars - http://www.windwardreports.com/film.htm > > > > that's it!!!
-- Show quoteHide quotethanks - dave david_at_windward_dot_net http://www.windwardreports.com Cubicle Wars - http://www.windwardreports.com/film.htm "David Wang" wrote: > It depends on the browser. > > IE's auto-login feature is tied to the Zone that it classifies the > address. > > http://namewithoutdots goes to Intranet zone which has autologin > http://name.with.dots goes to Internet zone whit does not autologin > > > // > http://w3-4u.blogspot.com > http://blogs.msdn.com/David.Wang > // > > > David Thielen wrote: > > How can I set this to test? Because my same IE on the same system does pass > > the credentials to the VS 2005 web server. > > > > -- > > thanks - dave > > david_at_windward_dot_net > > http://www.windwardreports.com > > > > Cubicle Wars - http://www.windwardreports.com/film.htm > > > > > > > > > > "David Wang" wrote: > > > > > Please give the exact URL that you use to access this web application > > > when it asks for password. > > > > > > I suspect it looks like: > > > http://www.domain.com/WebApp.aspx > > > > > > In which case your issue is with the browser not auto-authenticating > > > with the server. Once you configure authentication in IIS, IIS will > > > ALWAYS ask for credentials from the client. The question is whether the > > > client provides the credentials without prompting the user, and that > > > depends on browser configuration. Nothing IIS can do because that would > > > be a security flaw. > > > > > > > > > //David > > > http://w3-4u.blogspot.com > > > http://blogs.msdn.com/David.Wang > > > // > > > > > > > > > David Thielen wrote: > > > > Hi; > > > > > > > > I am having a problem where IIS wants me to log in where IIS is on a Win > > > > 2003 server on the same domain as I am on on my workstation. > > > > > > > > This is for an ASP.NET 2.0 app (that I am writing) set to use Windows > > > > authentication. When running from VS 2005 using the integrated webserver, the > > > > website knows who I am and I have zero signon. > > > > > > > > But when I copy the website to IIS on Win2003 it pops up the dialog box > > > > asking me to sign in. I enter my domain\username and password and then it all > > > > works fine. > > > > > > > > Why am I getting prompted for my uname/pw? The server is on the same domain > > > > as is my workstation. Is there something I need to set on IIS so it asks IE > > > > to automatically pass my credentials across? > > > > > > > > My web.config is: > > > > > > > > <authentication mode="Windows"/> > > > > <identity impersonate="true"/> > > > > <authorization> > > > > <allow roles="windward\Windward Administrators, windward\Windward Users"/> > > > > <deny users="*"/> > > > > </authorization> > > > > <roleManager enabled="true" > > > > defaultProvider="AspNetWindowsTokenRoleProvider" /> > > > > > > > > -- > > > > thanks - dave > > > > david_at_windward_dot_net > > > > http://www.windwardreports.com > > > > > > > > Cubicle Wars - http://www.windwardreports.com/film.htm > > > > > > > > Hi Dave,
All the details about IE and IIS auto login feature of Integrated Windows authentication are clearly documented in the below article: Internet Explorer May Prompt You for a Password http://support.microsoft.com/?id=258063 Thanks. Sincerely, WenJun Zhang Microsoft Online Community Support ================================================== Get notification to my posts through email? Please refer to: http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif ications. Note: The MSDN Managed Newsgroup support offering is for non-urgent issues where an initial response from the community or a Microsoft Support Engineer within 1 business day is acceptable. Please note that each follow up response may take approximately 2 business days as the support professional working with you may need further investigation to reach the most efficient resolution. The offering is not appropriate for situations that require urgent, real-time or phone-based interactions or complex project analysis and dump analysis issues. Issues of this nature are best handled working with a dedicated Microsoft Support Engineer by contacting Microsoft Customer Support Services (CSS) at: http://msdn.microsoft.com/subscriptions/support/default.aspx. ================================================== This posting is provided "AS IS" with no warranties, and confers no rights. 
Other interesting topics
aspnet_isapi.dll security limit access to all but 1 file
inhability to display http://localhost How do I make a local machine client certificate available to all users? access to network file server through web server denied NTLM Authentication on IIS 6.0 [IIS 5] Homemade cert and SSL _Address Access Denied connecting to remote share through IIS Security while publishing an website in Frontpage IIS Access Control |
|||||||||||||||||||||||
