Professional Web Applications Themes

IIS sends login dialog for already authenticated users. - ASP.NET Security

Hi, I am using ASP.NET windows authentication in one of the applications. My application is deployed on one of the 2003 servers. This server is member of a domain say "MyDomain". Now, when a user who is logged on to a system which dos not belongs to "MyDomain", tries to access this site, he gets a login dialog box which is correct. However, if the user is logged on to a system that belongs to "MyDomain", he should not get this dialog box. but in my case, he also gets this box. The same code works well in windows 2000. ...

  1. #1

    Default IIS sends login dialog for already authenticated users.

    Hi,
    I am using ASP.NET windows authentication in one of the applications. My
    application is deployed on one of the 2003 servers. This server is member of
    a domain say "MyDomain".
    Now, when a user who is logged on to a system which dos not belongs to
    "MyDomain", tries to access this site, he gets a login dialog box which is
    correct. However, if the user is logged on to a system that belongs to
    "MyDomain", he should not get this dialog box. but in my case, he also gets
    this box.

    The same code works well in windows 2000.

    Please suggest.

    Sandy Guest

  2. #2

    Default Re: IIS sends login dialog for already authenticated users.

    This is a browser issue - it is the browser the decides whether to prompt
    the user for credentials. Check the rquirements for "auto logon" here:

    [url]http://support.microsoft.com/?id=258063[/url]
    Internet Explorer May Prompt You for a Password

    Cheers
    Ken

    "Sandy" <Sandydiscussions.microsoft.com> wrote in message
    news:20E9B2C9-AD2D-410D-AC0B-A657A13DD5A6microsoft.com...
    > Hi,
    > I am using ASP.NET windows authentication in one of the applications. My
    > application is deployed on one of the 2003 servers. This server is member
    > of
    > a domain say "MyDomain".
    > Now, when a user who is logged on to a system which dos not belongs to
    > "MyDomain", tries to access this site, he gets a login dialog box which
    > is
    > correct. However, if the user is logged on to a system that belongs to
    > "MyDomain", he should not get this dialog box. but in my case, he also
    > gets
    > this box.
    >
    > The same code works well in windows 2000.
    >
    > Please suggest.
    >

    Ken Schaefer Guest

  3. #3

    Default Re: IIS sends login dialog for already authenticated users.

    I checked this Ken.
    This is not the case. IE is configured correctly.
    The issues seems to happen only on windows 2003 servers with win XP clients.

    "Ken Schaefer" wrote:
    > This is a browser issue - it is the browser the decides whether to prompt
    > the user for credentials. Check the rquirements for "auto logon" here:
    >
    > [url]http://support.microsoft.com/?id=258063[/url]
    > Internet Explorer May Prompt You for a Password
    >
    > Cheers
    > Ken
    >
    > "Sandy" <Sandydiscussions.microsoft.com> wrote in message
    > news:20E9B2C9-AD2D-410D-AC0B-A657A13DD5A6microsoft.com...
    > > Hi,
    > > I am using ASP.NET windows authentication in one of the applications. My
    > > application is deployed on one of the 2003 servers. This server is member
    > > of
    > > a domain say "MyDomain".
    > > Now, when a user who is logged on to a system which dos not belongs to
    > > "MyDomain", tries to access this site, he gets a login dialog box which
    > > is
    > > correct. However, if the user is logged on to a system that belongs to
    > > "MyDomain", he should not get this dialog box. but in my case, he also
    > > gets
    > > this box.
    > >
    > > The same code works well in windows 2000.
    > >
    > > Please suggest.
    > >
    >
    >
    >
    Sandy Guest

  4. #4

    Default Re: IIS sends login dialog for already authenticated users.

    Have the Servers been "hardened" or had some security scripts run over them
    to lock them down in any way?

    --

    - Paul Glavich
    ASP.NET MVP
    ASPInsider ([url]www.aspinsiders.com[/url])


    "Sandy" <Sandydiscussions.microsoft.com> wrote in message
    news:58A6FDC9-885B-4B85-831D-17CC2D986249microsoft.com...
    > I checked this Ken.
    > This is not the case. IE is configured correctly.
    > The issues seems to happen only on windows 2003 servers with win XP
    clients.
    >
    > "Ken Schaefer" wrote:
    >
    > > This is a browser issue - it is the browser the decides whether to
    prompt
    > > the user for credentials. Check the rquirements for "auto logon" here:
    > >
    > > [url]http://support.microsoft.com/?id=258063[/url]
    > > Internet Explorer May Prompt You for a Password
    > >
    > > Cheers
    > > Ken
    > >
    > > "Sandy" <Sandydiscussions.microsoft.com> wrote in message
    > > news:20E9B2C9-AD2D-410D-AC0B-A657A13DD5A6microsoft.com...
    > > > Hi,
    > > > I am using ASP.NET windows authentication in one of the applications.
    My
    > > > application is deployed on one of the 2003 servers. This server is
    member
    > > > of
    > > > a domain say "MyDomain".
    > > > Now, when a user who is logged on to a system which dos not belongs to
    > > > "MyDomain", tries to access this site, he gets a login dialog box
    which
    > > > is
    > > > correct. However, if the user is logged on to a system that belongs to
    > > > "MyDomain", he should not get this dialog box. but in my case, he also
    > > > gets
    > > > this box.
    > > >
    > > > The same code works well in windows 2000.
    > > >
    > > > Please suggest.
    > > >
    > >
    > >
    > >

    Paul Glavich [MVP ASP.NET] Guest

  5. #5

    Default Re: IIS sends login dialog for already authenticated users.

    On our servers, we had to alter the setting mentioned in this article (
    [url]http://www.microsoft.com/resources/doentation/WindowsServ/2003/all/deployguide/en-us/Default.asp?url=/resources/doentation/WindowsServ/2003/all/deployguide/en-us/28433.asp[/url] )
    and set it back to its default setting as all client requests were failing,
    although in our case, I think it was Win2000 that was always failing. Same
    symptoms though.

    --

    - Paul Glavich
    ASP.NET MVP
    ASPInsider ([url]www.aspinsiders.com[/url])


    "Sandy" <Sandydiscussions.microsoft.com> wrote in message
    news:58A6FDC9-885B-4B85-831D-17CC2D986249microsoft.com...
    > I checked this Ken.
    > This is not the case. IE is configured correctly.
    > The issues seems to happen only on windows 2003 servers with win XP
    clients.
    >
    > "Ken Schaefer" wrote:
    >
    > > This is a browser issue - it is the browser the decides whether to
    prompt
    > > the user for credentials. Check the rquirements for "auto logon" here:
    > >
    > > [url]http://support.microsoft.com/?id=258063[/url]
    > > Internet Explorer May Prompt You for a Password
    > >
    > > Cheers
    > > Ken
    > >
    > > "Sandy" <Sandydiscussions.microsoft.com> wrote in message
    > > news:20E9B2C9-AD2D-410D-AC0B-A657A13DD5A6microsoft.com...
    > > > Hi,
    > > > I am using ASP.NET windows authentication in one of the applications.
    My
    > > > application is deployed on one of the 2003 servers. This server is
    member
    > > > of
    > > > a domain say "MyDomain".
    > > > Now, when a user who is logged on to a system which dos not belongs to
    > > > "MyDomain", tries to access this site, he gets a login dialog box
    which
    > > > is
    > > > correct. However, if the user is logged on to a system that belongs to
    > > > "MyDomain", he should not get this dialog box. but in my case, he also
    > > > gets
    > > > this box.
    > > >
    > > > The same code works well in windows 2000.
    > > >
    > > > Please suggest.
    > > >
    > >
    > >
    > >

    Paul Glavich [MVP ASP.NET] Guest

  6. #6

    Default Re: IIS sends login dialog for already authenticated users.

    Yes. Some scripts does run but not sure what exactly they are. Its a
    production server.

    "Paul Glavich [MVP ASP.NET]" wrote:
    > Have the Servers been "hardened" or had some security scripts run over them
    > to lock them down in any way?
    >
    > --
    >
    > - Paul Glavich
    > ASP.NET MVP
    > ASPInsider ([url]www.aspinsiders.com[/url])
    >
    >
    > "Sandy" <Sandydiscussions.microsoft.com> wrote in message
    > news:58A6FDC9-885B-4B85-831D-17CC2D986249microsoft.com...
    > > I checked this Ken.
    > > This is not the case. IE is configured correctly.
    > > The issues seems to happen only on windows 2003 servers with win XP
    > clients.
    > >
    > > "Ken Schaefer" wrote:
    > >
    > > > This is a browser issue - it is the browser the decides whether to
    > prompt
    > > > the user for credentials. Check the rquirements for "auto logon" here:
    > > >
    > > > [url]http://support.microsoft.com/?id=258063[/url]
    > > > Internet Explorer May Prompt You for a Password
    > > >
    > > > Cheers
    > > > Ken
    > > >
    > > > "Sandy" <Sandydiscussions.microsoft.com> wrote in message
    > > > news:20E9B2C9-AD2D-410D-AC0B-A657A13DD5A6microsoft.com...
    > > > > Hi,
    > > > > I am using ASP.NET windows authentication in one of the applications.
    > My
    > > > > application is deployed on one of the 2003 servers. This server is
    > member
    > > > > of
    > > > > a domain say "MyDomain".
    > > > > Now, when a user who is logged on to a system which dos not belongs to
    > > > > "MyDomain", tries to access this site, he gets a login dialog box
    > which
    > > > > is
    > > > > correct. However, if the user is logged on to a system that belongs to
    > > > > "MyDomain", he should not get this dialog box. but in my case, he also
    > > > > gets
    > > > > this box.
    > > > >
    > > > > The same code works well in windows 2000.
    > > > >
    > > > > Please suggest.
    > > > >
    > > >
    > > >
    > > >
    >
    >
    >
    Sandy Guest

  7. #7

    Default Re: IIS sends login dialog for already authenticated users.

    Paul, Thanks a lot.

    Are you saying that in your case, clients were windows 2000 and Server was
    windows 2003?


    "Paul Glavich [MVP ASP.NET]" wrote:
    > On our servers, we had to alter the setting mentioned in this article (
    > [url]http://www.microsoft.com/resources/doentation/WindowsServ/2003/all/deployguide/en-us/Default.asp?url=/resources/doentation/WindowsServ/2003/all/deployguide/en-us/28433.asp[/url] )
    > and set it back to its default setting as all client requests were failing,
    > although in our case, I think it was Win2000 that was always failing. Same
    > symptoms though.
    >
    > --
    >
    > - Paul Glavich
    > ASP.NET MVP
    > ASPInsider ([url]www.aspinsiders.com[/url])
    >
    >
    > "Sandy" <Sandydiscussions.microsoft.com> wrote in message
    > news:58A6FDC9-885B-4B85-831D-17CC2D986249microsoft.com...
    > > I checked this Ken.
    > > This is not the case. IE is configured correctly.
    > > The issues seems to happen only on windows 2003 servers with win XP
    > clients.
    > >
    > > "Ken Schaefer" wrote:
    > >
    > > > This is a browser issue - it is the browser the decides whether to
    > prompt
    > > > the user for credentials. Check the rquirements for "auto logon" here:
    > > >
    > > > [url]http://support.microsoft.com/?id=258063[/url]
    > > > Internet Explorer May Prompt You for a Password
    > > >
    > > > Cheers
    > > > Ken
    > > >
    > > > "Sandy" <Sandydiscussions.microsoft.com> wrote in message
    > > > news:20E9B2C9-AD2D-410D-AC0B-A657A13DD5A6microsoft.com...
    > > > > Hi,
    > > > > I am using ASP.NET windows authentication in one of the applications.
    > My
    > > > > application is deployed on one of the 2003 servers. This server is
    > member
    > > > > of
    > > > > a domain say "MyDomain".
    > > > > Now, when a user who is logged on to a system which dos not belongs to
    > > > > "MyDomain", tries to access this site, he gets a login dialog box
    > which
    > > > > is
    > > > > correct. However, if the user is logged on to a system that belongs to
    > > > > "MyDomain", he should not get this dialog box. but in my case, he also
    > > > > gets
    > > > > this box.
    > > > >
    > > > > The same code works well in windows 2000.
    > > > >
    > > > > Please suggest.
    > > > >
    > > >
    > > >
    > > >
    >
    >
    >
    Sandy Guest

  8. #8

    Default Re: IIS sends login dialog for already authenticated users.

    Yes. Not all clients were Win2000, but only these ones had the problems. Our
    server group had performed "hardening" on the servers, and configured that
    specific setting to only accept the highest levels of encryption and
    authentication. The new XP builds that had also been performed had a similar
    hardening process and were configured appropriately. The older builds of
    Windows2000 were not configured to support the extra security settings and
    were failing. Once I set the Windows2003 servers back to the default
    settings (as listed on that article link I posted) it all worked fine.


    --

    - Paul Glavich
    ASP.NET MVP
    ASPInsider ([url]www.aspinsiders.com[/url])


    "Sandy" <Sandydiscussions.microsoft.com> wrote in message
    news:44676A23-7A6E-4316-93E0-755168E07764microsoft.com...
    > Paul, Thanks a lot.
    >
    > Are you saying that in your case, clients were windows 2000 and Server was
    > windows 2003?
    >
    >
    > "Paul Glavich [MVP ASP.NET]" wrote:
    >
    > > On our servers, we had to alter the setting mentioned in this article (
    > >
    [url]http://www.microsoft.com/resources/doentation/WindowsServ/2003/all/deployguide/en-us/Default.asp?url=/resources/doentation/WindowsServ/2003/all/deployguide/en-us/28433.asp[/url] )
    > > and set it back to its default setting as all client requests were
    failing,
    > > although in our case, I think it was Win2000 that was always failing.
    Same
    > > symptoms though.
    > >
    > > --
    > >
    > > - Paul Glavich
    > > ASP.NET MVP
    > > ASPInsider ([url]www.aspinsiders.com[/url])
    > >
    > >
    > > "Sandy" <Sandydiscussions.microsoft.com> wrote in message
    > > news:58A6FDC9-885B-4B85-831D-17CC2D986249microsoft.com...
    > > > I checked this Ken.
    > > > This is not the case. IE is configured correctly.
    > > > The issues seems to happen only on windows 2003 servers with win XP
    > > clients.
    > > >
    > > > "Ken Schaefer" wrote:
    > > >
    > > > > This is a browser issue - it is the browser the decides whether to
    > > prompt
    > > > > the user for credentials. Check the rquirements for "auto logon"
    here:
    > > > >
    > > > > [url]http://support.microsoft.com/?id=258063[/url]
    > > > > Internet Explorer May Prompt You for a Password
    > > > >
    > > > > Cheers
    > > > > Ken
    > > > >
    > > > > "Sandy" <Sandydiscussions.microsoft.com> wrote in message
    > > > > news:20E9B2C9-AD2D-410D-AC0B-A657A13DD5A6microsoft.com...
    > > > > > Hi,
    > > > > > I am using ASP.NET windows authentication in one of the
    applications.
    > > My
    > > > > > application is deployed on one of the 2003 servers. This server is
    > > member
    > > > > > of
    > > > > > a domain say "MyDomain".
    > > > > > Now, when a user who is logged on to a system which dos not
    belongs to
    > > > > > "MyDomain", tries to access this site, he gets a login dialog box
    > > which
    > > > > > is
    > > > > > correct. However, if the user is logged on to a system that
    belongs to
    > > > > > "MyDomain", he should not get this dialog box. but in my case, he
    also
    > > > > > gets
    > > > > > this box.
    > > > > >
    > > > > > The same code works well in windows 2000.
    > > > > >
    > > > > > Please suggest.
    > > > > >
    > > > >
    > > > >
    > > > >
    > >
    > >
    > >

    Paul Glavich [MVP ASP.NET] Guest

Similar Threads

  1. Programatically login to Basic Authenticated site?
    By Joe Kaplan \(MVP - ADSI\) in forum ASP.NET
    Replies: 1
    Last Post: July 22nd, 03:59 PM
  2. Replies: 0
    Last Post: May 13th, 08:41 AM
  3. ASP remote authentication / surpress login dialog
    By Andreas Schurz in forum ASP.NET Security
    Replies: 0
    Last Post: September 16th, 09:24 AM
  4. ASP.Net Windows Authentication problem = Login dialog keeps popping up
    By Edward J. Stembler in forum ASP.NET Security
    Replies: 1
    Last Post: August 11th, 01:43 PM
  5. Suppress login dialog when impersonation on?
    By Gary H. in forum ASP.NET Security
    Replies: 1
    Last Post: July 17th, 12:41 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139