website prompts user and password continously
Hi,
We have a website which has been hosted in IIS7 and it runs with asp.net impersonation and windows authentication. we had been continously prompted with username and password when we are trying to access the website.
it is accessible when we add an user as local admin on that server.
We gave file permission at the NTFS level for all the user but still no luck.
Any responses are much appreciated.
Re: website prompts user and password continously
IIS 7 has some complicated authentication rules and settings. so some of the deeper questions are:..
1) "prompts user and password continously" !!
A: You enter the User & pass and get access, and is this for every visit or for every page ?? ..This is very important to know, because the two have very different methods of solving...
or
B: You enter the User & pass, but the prompt appears again without showing the requested page.??
2) you set it at NTFS level, but did you set the Authorization in IIS ?? See this Page..
Re: website prompts user and password continously
Hi,
when we enter the username and pass the prompts apprears and it was successful only if the user is an admin of that IIS server.
here is the inspector data from fiddler.
No Proxy-Authorization Header is present.
Authorization Header is present: NTLM
4E 54 4C 4D 53 53 50 00 03 00 00 00 18 00 18 00 NTLMSSP.........
88 00 00 00 88 01 88 01 A0 00 00 00 06 00 06 00 Ë*...Ë*.Ë*.�.......
58 00 00 00 0E 00 0E 00 5E 00 00 00 1C 00 1C 00 X.......^.......
6C 00 00 00 00 00 00 00 28 02 00 00 05 82 88 A2 l.......(....‚Ë*�
06 01 B1 1D 00 00 00 0F F8 29 84 A0 E9 6D E0 CC ..�.....�)„��m��
04 35 C1 29 C1 1D 76 6C 45 00 55 00 52 00 41 00 .5�)�.vlE.U.R.A.
44 00 43 00 58 00 50 00 38 00 38 00 4C 00 45 00 D.C.X.P.8.8.L.E.
31 00 31 00 4E 00 49 00 4D 00 42 00 38 00 56 00 1.1.N.I.M.B.8.V.
57 00 44 00 53 00 31 00 00 00 00 00 00 00 00 00 W.D.S.1.........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
9E A7 79 CD B7 64 A0 F4 42 D3 CD 67 50 61 CA 93 ž�yͷd��B��gPa�“
01 01 00 00 00 00 00 00 EA F7 76 F8 1C 31 CE 01 ........��v�.1�.
FA 93 5D 6F D2 A6 0D AF 00 00 00 00 02 00 06 00 �“]oҦ.�........
45 00 55 00 52 00 01 00 18 00 57 00 51 00 56 00 E.U.R.....W.Q.V.
53 00 50 00 41 00 56 00 59 00 44 00 4D 00 30 00 S.P.A.V.Y.D.M.0.
36 00 04 00 22 00 65 00 75 00 72 00 2E 00 62 00 6...".e.u.r...b.
6E 00 79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 n.y.m.e.l.l.o.n.
2E 00 6E 00 65 00 74 00 03 00 3C 00 57 00 51 00 ..n.e.t...<.W.Q.
56 00 53 00 50 00 41 00 56 00 59 00 44 00 4D 00 V.S.P.A.V.Y.D.M.
30 00 36 00 2E 00 65 00 75 00 72 00 2E 00 62 00 0.6...e.u.r...b.
6E 00 79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 n.y.m.e.l.l.o.n.
2E 00 6E 00 65 00 74 00 05 00 1A 00 62 00 6E 00 ..n.e.t.....b.n.
79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 2E 00 y.m.e.l.l.o.n...
6E 00 65 00 74 00 07 00 08 00 EA F7 76 F8 1C 31 n.e.t.....��v�.1
CE 01 06 00 04 00 02 00 00 00 08 00 30 00 30 00 �...........0.0.
00 00 00 00 00 00 00 00 00 00 00 20 00 00 84 8F ........... ..„�
59 77 D7 C1 7F B3 48 CF 72 EA AC F3 10 C6 3D 7D Yw���H�r���.�=}
86 0E DA D2 F5 8B D3 DF D5 FB 9C F1 72 C0 0A 00 â€*.���‹����œ�r�..
10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 09 00 46 00 48 00 54 00 54 00 50 00 2F 00 ....F.H.T.T.P./.
77 00 71 00 76 00 73 00 70 00 61 00 76 00 79 00 w.q.v.s.p.a.v.y.
64 00 6D 00 30 00 36 00 2E 00 65 00 75 00 72 00 d.m.0.6...e.u.r.
2E 00 62 00 6E 00 79 00 6D 00 65 00 6C 00 6C 00 ..b.n.y.m.e.l.l.
6F 00 6E 00 2E 00 6E 00 65 00 74 00 00 00 00 00 o.n...n.e.t.....
00 00 00 00 00 00 00 00 ........
-[NTLM Type3: Authentication]------------------------------
Provider: NTLMSSP
Type: 3
OS Version: 6.1:7601
Flags: 0xa2888205
Unicode supported in security buffer.
Request server's authentication realm included in Type2 reply.
NTLM authentication.
Negotiate Always Sign.
Negotiate NTLM2 Key.
Target Information block provided for use in calculation of the NTLMv2 response.
Supports 56-bit encryption.
Supports 128-bit encryption.
lmresp_Offset: 136; lmresp_Length: 24; lmresp_Length2: 24
ntresp_Offset: 160; ntresp_Length: 392; ntresp_Length2: 392
Domain_Offset: 88; Domain_Length: 6; Domain_Length2: 6
User_Offset: 94; User_Length: 14; User_Length2: 14
Host_Offset: 108; Host_Length: 28; Host_Length2: 28
msg_len: 552
Domain: XXX
User: XXXXXXXXX
Host: XXXXXXXXXXXX
lm_resp: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
nt_resp: 9E A7 79 CD B7 64 A0 F4 42 D3 CD 67 50 61 CA 93 01 01 00 00 00 00 00 00 EA F7 76 F8 1C 31 CE 01 FA 93 5D 6F D2 A6 0D AF 00 00 00 00 02 00 06 00 45 00 55 00 52 00 01 00 18 00 57 00 51 00 56 00 53 00 50 00 41 00 56 00 59 00 44 00 4D 00 30 00 36 00 04 00 22 00 65 00 75 00 72 00 2E 00 62 00 6E 00 79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 2E 00 6E 00 65 00 74 00 03 00 3C 00 57 00 51 00 56 00 53 00 50 00 41 00 56 00 59 00 44 00 4D 00 30 00 36 00 2E 00 65 00 75 00 72 00 2E 00 62 00 6E 00 79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 2E 00 6E 00 65 00 74 00 05 00 1A 00 62 00 6E 00 79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 2E 00 6E 00 65 00 74 00 07 00 08 00 EA F7 76 F8 1C 31 CE 01 06 00 04 00 02 00 00 00 08 00 30 00 30 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 84 8F 59 77 D7 C1 7F B3 48 CF 72 EA AC F3 10 C6 3D 7D 86 0E DA D2 F5 8B D3 DF D5 FB 9C F1 72 C0 0A 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 46 00 48 00 54 00 54 00 50 00 2F 00 77 00 71 00 76 00 73 00 70 00 61 00 76 00 79 00 64 00 6D 00 30 00 36 00 2E 00 65 00 75 00 72 00 2E 00 62 00 6E 00 79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 2E 00 6E 00 65 00 74 00 00 00 00 00 00 00 00 00 00 00 00 00
------------------------------------