FTP has a different model - in FTP, you create a connection, you
authenticate on that connection, and then you make any number of transfers
before logging off.
HTTP, by contrast, started life as a "connectionless", "stateless" protocol.
That means that one request is generally not associated with the next
request. Since HTTP 1.1, when the protocol was re-written to allow for a
state or connection to be maintained between requests, there have been
changes to the authentication model to reflect this, but as the FTP
developer around here, I can't really give you good information on HTTP
authentication / authorisation other than what Kristofer has already posted.
Alun.
~~~~
--
Software Design Engineer, Internet Information Server (FTP)
This posting is provided "AS IS" with no warranties, and confers no rights.
[quoted text, click to view] "JethroUK" <reply@the.board> wrote in message
news:ezPi8WrtFHA.1284@tk2msftngp13.phx.gbl...
> Hi
>
> I'm using Window Integrated Authentication (i created a dummy windows
> user/pass especially for this)
>
> I did notice that the parent folder (containing the web pages) has
> internet security set to 'share' (i'm assuming IIS did this), yet the
> child folders (containing the files) are still set to 'unshare' (i have
> set them to shared but it still asked for the extra logins)
>
> I am also running an ftp service on the same folder and i don't have any
> problems with this (i just logon to the parent once - albeit i am logged
> on as an administrator as opposed to a user)
>
> It's further complicated by the fact that it's on a network drive - so it
> might be down to a network issue (i might move it to the local machine so
> i can eliminate this)
>
> I think i might just have to keep playing around but i don't want to leave
> any security risks
>
> Thanks anyway
>
>
> "Kristofer Gafvert [MVP]" <kgafvert@NEWSilopia.com> wrote in message
> news:xn0e731s90000003@news.microsoft.com...
>> Hi,
>>
>> Do you happen to use Basic Authentication? That is default behavior if
>> you use that authentication method (and it cannot be changed, and is a
>> feature of IE and other browsers).
>>
>> If you use Windows Integrated Authentication, you should only need to
>> logon once.
>>
>> Also see this KB Article which may have more information related to this:
>>
>> "Internet Explorer May Prompt You for a Password"
>>
http://support.microsoft.com/kb/258063/en-us >>
>>
>> --
>> Regards,
>> Kristofer Gafvert (IIS MVP)
>>
http://www.gafvert.info/iis/ - IIS Related Info
>>
>>
>> JethroUK wrote:
>>
>>>I have a web page on my server which includes video files (login is
>>>controlled by windows)
>>>
>>>I am prompted for login/pass when accessing the web page
>>>
>>>Problem is:
>>>
>>>Every time I click a video link (video files are in the same folder/ same
>>>security) I have to login again before the file will run
>>>
>>>Is there any method of extending web page login security to include
>>>access to all files within the same folder?
>
>
