Hi,

at the moment I'm developing a Web-Application with C# and encounter problems
using Windows NTLM authentication with IIS 6.0 (W2k3EE).

I use an aspx-page, in which depending on the user's authentication different
content is provided. There's an area for anonymous access and one for
authenticated users.

In the code im checking the state of the authentication via the Property
Page.User.Identity.IsAuthenticated. Hasn't the user been authenticated yet, all
works fine, i get the parts for anonymous access. But if the user is
authenticated, most of the time the user gets the parts for anonymous access,
seldom the one for authenticated users (meening
Page.User.Identity.IsAuthenticated is false most of the time).

As this aspx-page has to grant both anonymous and authenticated access, i worked
with the following web.config:

<snip>
<!-- Grant access to all files to all (anonymous and authenticated) users
-->
<authentication mode="Windows" />
<authorization>
<!-- Allow all users -->

<allow users="*"/>

</authorization>

<!-- For the Page myPage.aspx special access control is required. So i added
the users "user1" and "user2" to the list of allowed users on that page and
replaced everybody with anonymous (* with ?)
-->
<location path="myPage.aspx">
<system.web>
<authorization>
<allow users="?, user1, user2" roles="Users"/>
</authorization>
</system.web>
</location>

</snip>

What's wrong in the web.config, as getting such weird results?

Thanks for your help,
Christoph Erdle
--
Life is very short and there's no time
For fussing and fighting, my friends
(The Beatles)