 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Windows Server Forum / IIS / IIS Security / February 2006IE prompts for a password when using anonymous authentication
Hi everyone, I have developed an ASP.NET web application and have deployed it to a production server. The web application has only a single page with the page_load event having no code in it. The virtual directory in IIS is setup with anonymous access only. The user that virtual directory is setup to run under has administrative privilages on the server. Whenever I visit the deployed site I get prompted for a username and password. If I enter my username and password the page I was trying to access is not displayed and I get prompted for a username and password again. If I press cancel, the page is displayed and the site works as expected. I've spent a long time investigating this issue and have been unable to get to the bottom of it. It's extremely important that I fix this issue as it is affecting a live site. Has anyone experienced this issue themselves? Or perhaps know how to fix it? Any help that can be passed on would be gratefully received. Many thanks Adam Ainger : Hi everyone, : [quoted text clipped - 3 lines] : with anonymous access only. The user that virtual directory is setup to run : under has administrative privilages on the server. The virtual directory does not run under a user account. Are you talking about the account that IIS is configured to impersonate for anonymous requests? Additionally, is your ASP.NET application configured to impersonate this account (via <identity impersonate="true" /> setting)? Lastly, can you post the relevant IIS logfiles? Cheers Ken : Whenever I visit the deployed site I get prompted for a username and : password. If I enter my username and password the page I was trying to access [quoted text clipped - 12 lines] : : Adam Ainger Thanks for your feedback Ken. I'm new to ASP.NET - does the application need to the <identity/> tag when anonymous access is used? Since posting my original message, I discovered that the problem was caused by having ASP.NET validation controls on the page and them requiring a particular file permission into the ASPNET_CLIENT folder (this is through Windows and not IIS). Adding the List Folder Contents permission for the Everyone user fixed the problem. Regards Adam > : Hi everyone, > : [quoted text clipped - 39 lines] > : > : Adam Ainger It sounds like you have authorization enabled for your ASP.Net web application within ASP.Net When you hit cancel and the site works as expected, that tells me anonymous authentication is working just fine from IIS. And since you say that IIS only has anonymous authentication enabled, it tells me that something else is triggering the user login. Something like ASP.Net URL Authorization.  Signature//David IIS http://blogs.msdn.com/David.Wang This posting is provided "AS IS" with no warranties, and confers no rights. // > Hi everyone, > [quoted text clipped - 27 lines] > > Adam Ainger Thanks for your feedback David. Since posting my original message, I discovered that the problem was caused by having ASP.NET validation controls on the page and them requiring a particular file permission into the ASPNET_CLIENT folder (this is through Windows and not IIS). Adding the List Folder Contents permission for the Everyone user fixed the problem. Regards Adam > It sounds like you have authorization enabled for your ASP.Net web > application within ASP.Net [quoted text clipped - 35 lines] > > > > Adam Ainger |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2010 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.