[quoted text, click to view] > The user clicks on a link to a resource and is
> prompted for their username and password, this is accepted
It sounds like Basic Authentication was enforced for the URL that the user
first clicks
[quoted text, click to view] > and they are shown a menu of resources to choose.
> They click on one of the links and a login box
> appears again. This login box will not accept any
> username or password but if you press Cancel
> it displays the resource anyway
This sounds like the URL of the menus have other authentication enabled
because if it was just Basic, then it should just display (browser should be
configured to auto-authenticate using Basic and this should just
automatically work). If it displays when you hit cancel, it probably means
that anonymous authentication is enabled but anonymous user is
misconfigured -- so the web browser keeps trying anonymous failing -- but
when you hit cancel, the browser auto-authenticates using your user identity
and that works, so it succeeds.
The continuous prompting simply says that something is misconfigured on your
server and has nothing to do with the resource type.
--
//David
IIS
http://blogs.msdn.com/David.Wang This posting is provided "AS IS" with no warranties, and confers no rights.
//
[quoted text, click to view] "Stephen Ellis" <StephenEllis@discussions.microsoft.com> wrote in message
news:69BCFAFC-6E40-4841-A126-60A5DB3CED4E@microsoft.com...
Hi David
Thanks for responding. I set Basic Authentication at the Virtual Directory
level and it appears that this setting is carried down for all urls off of
the VD. Is this what you meant?
Thanks again
Stephen
[quoted text, click to view] "David Wang [Msft]" wrote:
> Sounds like you have anonymous authentication enabled for those URLs, and
> the anonyomus user credential configured in IIS is invalid.
>
> --
> //David
> IIS
>
http://blogs.msdn.com/David.Wang > This posting is provided "AS IS" with no warranties, and confers no
rights.
> //
> "Stephen Ellis" <StephenEllis@discussions.microsoft.com> wrote in message
> news:19896939-28F5-482C-A87C-127C1E8EAD9D@microsoft.com...
> I have a problem displaying some of the pages on our web server. The
server
> is a Windows 2003 server (IIS 6.0) that has two web sites separated by
host
> headers. The setup is really simple, with a mix of asp and static HTML
> pages.
> I haven't really done anything fancy configuration-wise. We secure some of
> our online learning resources via Basic Authentication (No SSL as yet I'm
> afraid) and NTFS permissions. The user clicks on a link to a resource and
is
> prompted for their username and password, this is accepted and they are
> shown
> a menu of resources to choose. They click on one of the links and a login
> box
> appears again. This login box will not accept any username or password but
> if
> you press Cancel it displays the resource anyway. I've checked all the
NTFS
> permissions up and down the folder structure and everything carries
through
> correctly. I've also checked the IIS logs, but they do not throw up
> anything.
> The only thing I can think the problem can be is to do with the way IIS
> handles security of .js files as the resources use this within the HTML?
Can
> anyone help me try to troubleshoot this? I would be forever grateful.
> Thanks in advance.
>
> Stephen
>
>
>
