Integrated Security under Win2K and WinXP

  • Thread starter Alexander Stojakovic
  • Start date
A

Alexander Stojakovic

Werte Kollegen!

I have a ASP.NET page authenticating via Integrated Security.
For some reason the behaviour on the client is differing depending
on the OS. I have some clients using WinXP and some using Win2K,
all of them having IE6 with the latest updates and all of them having
'User Authentication' set to 'Prompt for user name and password'
on purpose.

WinXP:
Login Prompt appears, user has to enter valid credentials, otherwise
an error occures. This is the desired and expected behaviour.

Win2K:
Empty Login Prompt appears (looks different then the WinXP
prompt). With invalid credentials the error is thrown, but when the
user leaves all fields blank he is being logged on with the current
windows credentials.

In some applications I have to force the user to enter valid
credentials, that is why I don't need the behavior under Win2K.
If I however change page security settings to Basic Authentication,
I get the expected behavior under Win2K as well. My problem
is that transfering the credentials in clear text is unacceptable and
I want to avoid using SSL since there are quite a few pages
involved.

What is the reason for this behavior and what is a workaround?

best regards

Sascha
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top