Ask a Question related to ASP.NET Security, Design and Development.
-
thechaosengine #1
Authentication doesnt work when using non - microsoft browsers :-(
Hi eveyone,
If anyone could advise on the following I would be truly greatful:
I have a fairly standard set up. An IIS 5.1 website set up with anonymous
access allowed in all areas of the site but a secure subdirectory called
/secure/
I am using windows forms authentication and this is configured in my web.config
file.
All of this works perfectly when using IE. If i attempt to jump straight
into the secure directory without logging in - it boots me back to the login
page. If I log in, it lets me through no problems.
The problem is that this doesnt work in firefox or netscape.
When I put in my username and password they either popup a box asking for
another username and password (which i don't know) or it takes me directly
to the standard 401.2 page which tells me the following:
This is usually caused by a server-side script not sending the proper WWW-Authenticate> HTTP 401.2 - Unauthorized: Logon failed due to server configuration
> Background:
header field. Using Active Server Pages scripting this is done by using the
AddHeader method of the Response object to request that the client use a
certain authentication method to access the resource.
Can anyone advise me why IE is working and the other browsers arent. I have
read some information that suggests that it could be because the secure directory
is set up to use Windows Integrated Security but I'm sure that hasnt mattered
before with other sites and I don't know how else to set the sites up. I
don't want usernames etc sent in plain text etc
Thanks to anyone who can share any information
Thanks all
TCE
thechaosengine Guest
-
Help my flashplayer doesnt work
Hey there, i desperately need help, no websites that have flash programmes will work on my internet as it says i need the latest flash player,... -
which browsers work with coursebuilder ?
I can't make CB work with non microsoft browsers- specifically, Firefox and Netscape. What am I not doing? Thanks for help. -
XMLSearch. doesnt work
hi i'm trying to use xmlsearch function but for some strange reasons it returns only an empty array here the xml file <?xml version="1.0"... -
Delegation/Basic Authentication - using browsers other than IE
Hi, I'd really like to see my intranet asp.net pages with other browsers, but I'm having a problem when it comes to connecting to SQL Server. My... -
telltarget doesnt work
Hello, I made a button in flash MX and did the following actionscript on it: on (rollover) { tellTarget ("MC") { gotoAndPlay(2); } } -
David Wang [Msft] #2 Re: Authentication doesnt work when using non - microsoft browsers :-(
If the server is configured to require a particular authentication protocol
and the browser refuses to support it, then you get a 401.2. That behavior
is by-design.
Either fix the browser to support the authentication protocol of the server,
or change the authentication protocol required by the server.
I do not know what you mean by "windows forms authentication " -- can you
give me the Authentication configuration of /secure inside of IIS Manager UI
(web.config is not involved).
I am pretty certain that Firefox supports Integrated Windows Authentication.
So, either your configuration is not what you said, or you've got something
else misconfigured.
--
//David
IIS
[url]http://blogs.msdn.com/David.Wang[/url]
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"thechaosengine" <none> wrote in message
news:21419632515106156875000@news.microsoft.com...
Hi eveyone,
If anyone could advise on the following I would be truly greatful:
I have a fairly standard set up. An IIS 5.1 website set up with anonymous
access allowed in all areas of the site but a secure subdirectory called
/secure/
I am using windows forms authentication and this is configured in my
web.config
file.
All of this works perfectly when using IE. If i attempt to jump straight
into the secure directory without logging in - it boots me back to the login
page. If I log in, it lets me through no problems.
The problem is that this doesnt work in firefox or netscape.
When I put in my username and password they either popup a box asking for
another username and password (which i don't know) or it takes me directly
to the standard 401.2 page which tells me the following:
This is usually caused by a server-side script not sending the proper> HTTP 401.2 - Unauthorized: Logon failed due to server configuration
> Background:
WWW-Authenticate
header field. Using Active Server Pages scripting this is done by using the
AddHeader method of the Response object to request that the client use a
certain authentication method to access the resource.
Can anyone advise me why IE is working and the other browsers arent. I have
read some information that suggests that it could be because the secure
directory
is set up to use Windows Integrated Security but I'm sure that hasnt
mattered
before with other sites and I don't know how else to set the sites up. I
don't want usernames etc sent in plain text etc
Thanks to anyone who can share any information
Thanks all
TCE
David Wang [Msft] Guest
-
Ken Schaefer #3 Re: Authentication doesnt work when using non - microsoft browsers :-(
Hi,
In addition to David's question, can you clarify whether you are talking
about ASP.NET "Forms Authentication", or you are talking about Windows
Authentication (again configurable in web.config, but might also require
some configuration in IIS).
Cheers
Ken
--
Blog: [url]www.adopenstatic.com/cs/blogs/ken/[/url]
Web: [url]www.adopenstatic.com[/url]
"David Wang [Msft]" <someone@online.microsoft.com> wrote in message
news:%23Rd2dy6VFHA.2984@tk2msftngp13.phx.gbl...
: If the server is configured to require a particular authentication
protocol
: and the browser refuses to support it, then you get a 401.2. That behavior
: is by-design.
:
: Either fix the browser to support the authentication protocol of the
server,
: or change the authentication protocol required by the server.
:
: I do not know what you mean by "windows forms authentication " -- can you
: give me the Authentication configuration of /secure inside of IIS Manager
UI
: (web.config is not involved).
:
: I am pretty certain that Firefox supports Integrated Windows
Authentication.
: So, either your configuration is not what you said, or you've got
something
: else misconfigured.
:
: --
: //David
: IIS
: [url]http://blogs.msdn.com/David.Wang[/url]
: This posting is provided "AS IS" with no warranties, and confers no
rights.
: //
: "thechaosengine" <none> wrote in message
: news:21419632515106156875000@news.microsoft.com...
: Hi eveyone,
:
: If anyone could advise on the following I would be truly greatful:
:
: I have a fairly standard set up. An IIS 5.1 website set up with anonymous
: access allowed in all areas of the site but a secure subdirectory called
: /secure/
:
: I am using windows forms authentication and this is configured in my
: web.config
: file.
:
: All of this works perfectly when using IE. If i attempt to jump straight
: into the secure directory without logging in - it boots me back to the
login
: page. If I log in, it lets me through no problems.
:
: The problem is that this doesnt work in firefox or netscape.
:
: When I put in my username and password they either popup a box asking for
: another username and password (which i don't know) or it takes me directly
: to the standard 401.2 page which tells me the following:
:
: > HTTP 401.2 - Unauthorized: Logon failed due to server configuration
: > Background:
: This is usually caused by a server-side script not sending the proper
: WWW-Authenticate
: header field. Using Active Server Pages scripting this is done by using
the
: AddHeader method of the Response object to request that the client use a
: certain authentication method to access the resource.
:
: Can anyone advise me why IE is working and the other browsers arent. I
have
: read some information that suggests that it could be because the secure
: directory
: is set up to use Windows Integrated Security but I'm sure that hasnt
: mattered
: before with other sites and I don't know how else to set the sites up. I
: don't want usernames etc sent in plain text etc
:
: Thanks to anyone who can share any information
:
: Thanks all
:
: TCE
:
:
:
Ken Schaefer Guest
-
thechaosengine #4 Re: Authentication doesnt work when using non - microsoft browsers :-(
Sorry all,
Thanks for you're help so far.
I was meaning to say that Forms Authentication is configured is the web.config
and Integrated Windows Authentication is selected in the Authentication Methods
section of IIS.
The relevant section is the web.config file is:
<authentication mode="Forms">
<forms loginUrl="Login.aspx" name="ICIAuthTicket" timeout="30" path="/"></forms>
</authentication>
<authorization>
<allow users="*" /> <!-- Allow all users -->
</authorization>
Then further along i have:
<location path="secure">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
I really never have figured out how IIS and ASP.net security works. And its
not for wnat of trying either. I find the resources on the subject all ambiguous
or contrary to something else that I've read :-(
I'd really appreciate any suggestions on how to tackle my current problem
though
Thanks again
TCE
thechaosengine Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
