"Anil" <anilr@post.com> wrote in message
news:108c4151.0408180030.5d5850e2@posting.google.com...
> After installing SP2 for Windows XP, I noticed that my local IIS web
> site that uses Windows authentication was acting strangly. When I go
> to :
>
> http://localhost/mySecureSite - no login window - site is displayed
> http://[myIPAddress]/mySecureSite - login window - site is displayed
> (after very slow login)
> http://127.0.0.1/mySecureSite - login window - site is displayed
> http://mySite/mySecureSite - login window - ** access denied **
>
> In the last test, "mySite" was defined in the hosts file on the local
> machine. The login windows was displayed (with the name of the local
> machine in the title of the dialog) however the username/password was
> systematically rejected!!
>
>
> Tests I performed:
> - Instead of defining mySite as 127.0.0.1 in the hosts file, I defined
> it as the local external IP address. No change.
>
> - Disabled the firewall (Set to "Off" in the "General" Tab of Windows
> Firewall). No change.
>
> - Stopped the Windows Firewall /ICS service. No change.
>
> - Rebooted. No change.
>
> - I just tried these four tests in Mozilla Firefox. They all work?!!!
> Is this an IE security setting problem?
>
>
> Any help would be appreciated,
> Anil

"Anil" <anilr@post.com> wrote in message
news:108c4151.0408180030.5d5850e2@posting.google.com...
> After installing SP2 for Windows XP, I noticed that my local IIS web
> site that uses Windows authentication was acting strangly. When I go
> to :
>
> http://localhost/mySecureSite - no login window - site is displayed
> http://[myIPAddress]/mySecureSite - login window - site is displayed
> (after very slow login)
> http://127.0.0.1/mySecureSite - login window - site is displayed
> http://mySite/mySecureSite - login window - ** access denied **
>
> In the last test, "mySite" was defined in the hosts file on the local
> machine. The login windows was displayed (with the name of the local
> machine in the title of the dialog) however the username/password was
> systematically rejected!!
>
>
> Tests I performed:
> - Instead of defining mySite as 127.0.0.1 in the hosts file, I defined
> it as the local external IP address. No change.
>
> - Disabled the firewall (Set to "Off" in the "General" Tab of Windows
> Firewall). No change.
>
> - Stopped the Windows Firewall /ICS service. No change.
>
> - Rebooted. No change.
>
> - I just tried these four tests in Mozilla Firefox. They all work?!!!
> Is this an IE security setting problem?
>
>
> Any help would be appreciated,
> Anil

"Anil" <anilr@post.com> wrote in message
news:108c4151.0408180710.bcfa51a@posting.google.com...
> Thanks for the responses guys.
>
> I tried adding "mysite" to both the Trusted Sites and the Local
> Intranet site, but still I can not get past the login window.
>
> What I don't understand is that "mysite" resolves to 127.0.0.1. So
> theoretically the login window should be the same for both. However
> the "mysite" link rejects every login, while the link using 127.0.0.1
> works just fine (logging in with USERNAME or MYCOMPUTERNAME\USERNAME).
>
> I've got an ASP page that returns the AUTH_USER server variable. It
> appears that I'm logging in to the appropriate account with the 3
> links that do work (i.e. I can use a username/pwd other than my
> current logged in account).
>
> Again, with Mozilla I can access all 4 links on the local machine.
>
> Interestingly, from a remote machine (Windows 2000 on another domain)
> if I modify the hosts file to define "mysite" as the IP address of the
> XP box it works just fine. I can log in without a problem.
>
> This would appear to be an IE bug / strange security setting.
>
> A colleague of mine just (unintentionally) duplicated this scenario.
> Hmmm....
>
>
> Can anyone confirm this as an SP2 bug?

"Anil" <anilr@post.com> wrote in message
news:108c4151.0408180710.bcfa51a@posting.google.com...
> Thanks for the responses guys.
>
> I tried adding "mysite" to both the Trusted Sites and the Local
> Intranet site, but still I can not get past the login window.
>
> What I don't understand is that "mysite" resolves to 127.0.0.1. So
> theoretically the login window should be the same for both. However
> the "mysite" link rejects every login, while the link using 127.0.0.1
> works just fine (logging in with USERNAME or MYCOMPUTERNAME\USERNAME).
>
> I've got an ASP page that returns the AUTH_USER server variable. It
> appears that I'm logging in to the appropriate account with the 3
> links that do work (i.e. I can use a username/pwd other than my
> current logged in account).
>
> Again, with Mozilla I can access all 4 links on the local machine.
>
> Interestingly, from a remote machine (Windows 2000 on another domain)
> if I modify the hosts file to define "mysite" as the IP address of the
> XP box it works just fine. I can log in without a problem.
>
> This would appear to be an IE bug / strange security setting.
>
> A colleague of mine just (unintentionally) duplicated this scenario.
> Hmmm....
>
>
> Can anyone confirm this as an SP2 bug?

"Anil Rhemtulla" <anilr@post.com> wrote in message
news:eLeeMnchEHA.1652@TK2MSFTNGP09.phx.gbl...
> User Name: ANILR
> Domain: myDomain

"Anil" <anilr@post.com> wrote in message
news:108c4151.0408240001.387efe58@posting.google.com...
> John,
>
> You managed to log on to a local web site with Windows Authentication
> using a host name in the URL (which was defined in your HOSTS file)?
>
> As I mentioned, I've tried both local and domain username/pwd
> combinations, and I can successfuly log in to the web site if I
> replace the Host name with either the IP address or "localhost".
>
> I have defined the Host name correctly (tested using "ping HostName")
> as either the IP address or 127.0.0.1. But neither allow me to log in.
>
> Here's the interesting part:
> IT WORK IN MOZILLA FIREFOX !
>
> So for some reason, the IE is screwing up the windows Authentication.
> I've tried adding HostName to my trusted web sites in IE to see if
> that helped out, but it did not.
>
> John, can you please confirm your test was similar.
>
> Cheers,
> Anil