website prompts user and password continously
CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 3 of 3

Thread: website prompts user and password continously

Hybrid View

  1. #1
    Join Date
    Apr 2008
    Posts
    38

    website prompts user and password continously

    Hi,

    We have a website which has been hosted in IIS7 and it runs with asp.net impersonation and windows authentication. we had been continously prompted with username and password when we are trying to access the website.

    it is accessible when we add an user as local admin on that server.

    We gave file permission at the NTFS level for all the user but still no luck.

    Any responses are much appreciated.

  2. #2
    Join Date
    Jun 2005
    Location
    JHB South Africa
    Posts
    3,772

    Re: website prompts user and password continously

    IIS 7 has some complicated authentication rules and settings. so some of the deeper questions are:..

    1) "prompts user and password continously" !!

    A: You enter the User & pass and get access, and is this for every visit or for every page ?? ..This is very important to know, because the two have very different methods of solving...
    or
    B: You enter the User & pass, but the prompt appears again without showing the requested page.??

    2) you set it at NTFS level, but did you set the Authorization in IIS ?? See this Page..
    Articles VB6 : Break the 2G limit - Animation 1, 2 VB.NET : 2005/8 : Moving Images , Animation 1 , 2 , 3 , User Controls
    WPF Articles : 3D Animation 1 , 2 , 3
    Code snips: VB6 Hex Edit, IP Chat, Copy Prot., Crop, Zoom : .NET IP Chat (V4), Adv. ContextMenus, click Hotspot, Scroll Controls
    Find me in ASP.NET., VB6., VB.NET , Writing Articles, My Genealogy, Forum
    All VS.NET: posts refer to VS.NET 2008 (Pro) unless otherwise stated.

  3. #3
    Join Date
    Apr 2008
    Posts
    38

    Re: website prompts user and password continously

    Hi,

    when we enter the username and pass the prompts apprears and it was successful only if the user is an admin of that IIS server.

    here is the inspector data from fiddler.

    No Proxy-Authorization Header is present.

    Authorization Header is present: NTLM
    4E 54 4C 4D 53 53 50 00 03 00 00 00 18 00 18 00 NTLMSSP.........
    88 00 00 00 88 01 88 01 A0 00 00 00 06 00 06 00 ˆ...ˆ.ˆ.�.......
    58 00 00 00 0E 00 0E 00 5E 00 00 00 1C 00 1C 00 X.......^.......
    6C 00 00 00 00 00 00 00 28 02 00 00 05 82 88 A2 l.......(....‚ˆ�
    06 01 B1 1D 00 00 00 0F F8 29 84 A0 E9 6D E0 CC ..�.....�)„��m��
    04 35 C1 29 C1 1D 76 6C 45 00 55 00 52 00 41 00 .5�)�.vlE.U.R.A.
    44 00 43 00 58 00 50 00 38 00 38 00 4C 00 45 00 D.C.X.P.8.8.L.E.
    31 00 31 00 4E 00 49 00 4D 00 42 00 38 00 56 00 1.1.N.I.M.B.8.V.
    57 00 44 00 53 00 31 00 00 00 00 00 00 00 00 00 W.D.S.1.........
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
    9E A7 79 CD B7 64 A0 F4 42 D3 CD 67 50 61 CA 93 ž�yͷd��B��gPa�“
    01 01 00 00 00 00 00 00 EA F7 76 F8 1C 31 CE 01 ........��v�.1�.
    FA 93 5D 6F D2 A6 0D AF 00 00 00 00 02 00 06 00 �“]oҦ.�........
    45 00 55 00 52 00 01 00 18 00 57 00 51 00 56 00 E.U.R.....W.Q.V.
    53 00 50 00 41 00 56 00 59 00 44 00 4D 00 30 00 S.P.A.V.Y.D.M.0.
    36 00 04 00 22 00 65 00 75 00 72 00 2E 00 62 00 6...".e.u.r...b.
    6E 00 79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 n.y.m.e.l.l.o.n.
    2E 00 6E 00 65 00 74 00 03 00 3C 00 57 00 51 00 ..n.e.t...<.W.Q.
    56 00 53 00 50 00 41 00 56 00 59 00 44 00 4D 00 V.S.P.A.V.Y.D.M.
    30 00 36 00 2E 00 65 00 75 00 72 00 2E 00 62 00 0.6...e.u.r...b.
    6E 00 79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 n.y.m.e.l.l.o.n.
    2E 00 6E 00 65 00 74 00 05 00 1A 00 62 00 6E 00 ..n.e.t.....b.n.
    79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 2E 00 y.m.e.l.l.o.n...
    6E 00 65 00 74 00 07 00 08 00 EA F7 76 F8 1C 31 n.e.t.....��v�.1
    CE 01 06 00 04 00 02 00 00 00 08 00 30 00 30 00 �...........0.0.
    00 00 00 00 00 00 00 00 00 00 00 20 00 00 84 8F ........... ..„�
    59 77 D7 C1 7F B3 48 CF 72 EA AC F3 10 C6 3D 7D Yw���H�r���.�=}
    86 0E DA D2 F5 8B D3 DF D5 FB 9C F1 72 C0 0A 00 *.���‹����œ�r�..
    10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
    00 00 09 00 46 00 48 00 54 00 54 00 50 00 2F 00 ....F.H.T.T.P./.
    77 00 71 00 76 00 73 00 70 00 61 00 76 00 79 00 w.q.v.s.p.a.v.y.
    64 00 6D 00 30 00 36 00 2E 00 65 00 75 00 72 00 d.m.0.6...e.u.r.
    2E 00 62 00 6E 00 79 00 6D 00 65 00 6C 00 6C 00 ..b.n.y.m.e.l.l.
    6F 00 6E 00 2E 00 6E 00 65 00 74 00 00 00 00 00 o.n...n.e.t.....
    00 00 00 00 00 00 00 00 ........


    -[NTLM Type3: Authentication]------------------------------
    Provider: NTLMSSP
    Type: 3
    OS Version: 6.1:7601
    Flags: 0xa2888205
    Unicode supported in security buffer.
    Request server's authentication realm included in Type2 reply.
    NTLM authentication.
    Negotiate Always Sign.
    Negotiate NTLM2 Key.
    Target Information block provided for use in calculation of the NTLMv2 response.
    Supports 56-bit encryption.
    Supports 128-bit encryption.
    lmresp_Offset: 136; lmresp_Length: 24; lmresp_Length2: 24
    ntresp_Offset: 160; ntresp_Length: 392; ntresp_Length2: 392
    Domain_Offset: 88; Domain_Length: 6; Domain_Length2: 6
    User_Offset: 94; User_Length: 14; User_Length2: 14
    Host_Offset: 108; Host_Length: 28; Host_Length2: 28
    msg_len: 552
    Domain: XXX
    User: XXXXXXXXX
    Host: XXXXXXXXXXXX
    lm_resp: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    nt_resp: 9E A7 79 CD B7 64 A0 F4 42 D3 CD 67 50 61 CA 93 01 01 00 00 00 00 00 00 EA F7 76 F8 1C 31 CE 01 FA 93 5D 6F D2 A6 0D AF 00 00 00 00 02 00 06 00 45 00 55 00 52 00 01 00 18 00 57 00 51 00 56 00 53 00 50 00 41 00 56 00 59 00 44 00 4D 00 30 00 36 00 04 00 22 00 65 00 75 00 72 00 2E 00 62 00 6E 00 79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 2E 00 6E 00 65 00 74 00 03 00 3C 00 57 00 51 00 56 00 53 00 50 00 41 00 56 00 59 00 44 00 4D 00 30 00 36 00 2E 00 65 00 75 00 72 00 2E 00 62 00 6E 00 79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 2E 00 6E 00 65 00 74 00 05 00 1A 00 62 00 6E 00 79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 2E 00 6E 00 65 00 74 00 07 00 08 00 EA F7 76 F8 1C 31 CE 01 06 00 04 00 02 00 00 00 08 00 30 00 30 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 84 8F 59 77 D7 C1 7F B3 48 CF 72 EA AC F3 10 C6 3D 7D 86 0E DA D2 F5 8B D3 DF D5 FB 9C F1 72 C0 0A 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 46 00 48 00 54 00 54 00 50 00 2F 00 77 00 71 00 76 00 73 00 70 00 61 00 76 00 79 00 64 00 6D 00 30 00 36 00 2E 00 65 00 75 00 72 00 2E 00 62 00 6E 00 79 00 6D 00 65 00 6C 00 6C 00 6F 00 6E 00 2E 00 6E 00 65 00 74 00 00 00 00 00 00 00 00 00 00 00 00 00
    ------------------------------------

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Azure Activities Information Page

Windows Mobile Development Center


Click Here to Expand Forum to Full Width

This is a CodeGuru survey question.


Featured


HTML5 Development Center