Granting web access to single users -- iis security

Enrico
1/28/2004 1:39:57 AM

I'm setting up a projects' web and would like to grant
access to projects selectively, i.e., specific users
should access only specific projects. The IIS is set to
request Windows authentication.
The PROJECTS folder ACL grants list access to Domain
Users. The ASP page PROJECTS\LIST.ASP displays all
projects subdirectories (hyperlinking the content) and and
has the ACL set to read&execute for Domain Users. In
project subdir PROJECTS\MYPROJECT I have added a
particular domain user with read&execute&list.

Now my problem: when the particular domain user opens
PROJECTS\LIST.ASP he is asked to provide his credentials
and the page is displayed as expected. But when he tries
to navigate to any of the hyperlinked project content he
was granted access to, a second login dialog appear and
his credentials are refused, i.e., after three attempts
the "access denied" page appears. Why is a second logon
required? And why are his credentials refused?

Enrico
1/28/2004 8:20:53 AM

OK, found the solution: the project content has a link to
a script located in a different directory *without* the
necessary access rights set for the particular user. Once
I set the ACL correctly the IIS behaves as expected :-)

Enrico

[quoted text, click to view]

Got something to say? Click here to post a reply to this thread.

Don't see what you're looking for? Try a search.

View other messages about iis security

iis security : Granting web access to single users