Random credentials request

Discussion in 'ASP .Net Security' started by Brad Coble, Mar 14, 2006.

  1. Brad Coble

    Brad Coble Guest

    First, please forgive me I'm new here. This question may already have been
    answered. I have a Win2K3 server running IIS6 only on our intranet. My plan
    was to use our domain to authenticate users.

    Here is what I set in web.config:

    <authentication mode="Windows"/>

    <roleManager enabled="true" defaultProvider="WindowsProvider">
    <providers>
    <clear/>
    <add name="WindowsProvider"
    type="System.Web.Security.WindowsTokenRoleProvider"/>
    </providers>
    </roleManager>

    <authorization>
    <deny users="?"/>
    </authorization>

    And under locations

    <location path="mx">
    <system.web>
    <authorization>
    <allow roles="automation"/>
    <deny users="*"/>
    </authorization>
    </system.web>
    </location>

    My expectations for this setup is that all authenticated users(logged in via
    our domain) can get to all pages except those that are setup under location.
    It works ok except that sometimes, not always, when a user browses to a page
    it doesnt like their authentication and forces a request for credentials.

    Any ideas why? Thanks!!


    Brad Coble
    Brad Coble, Mar 14, 2006
    #1
    1. Advertising

  2. Hello Brad,

    Is this problem reproducable? For example, only with a particular user,
    only on a particular computer, or only when access a particular web page?
    When a user encounter such a problem, if he close all IE windows or even a
    reboot, will this fix the problem?

    Luke Zhang
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)
    Luke Zhang [MSFT], Mar 15, 2006
    #2
    1. Advertising

  3. Brad Coble

    Brad Coble Guest

    No not really. It has happened to me on occasion and i have admin rights on
    all machines. It seems to be random. You can close out the dialog that pops
    up, refresh the page and it recognizes the user. It has happened on several
    different machines and with different user accounts.


    "Luke Zhang [MSFT]" <> wrote in message
    news:...
    > Hello Brad,
    >
    > Is this problem reproducable? For example, only with a particular user,
    > only on a particular computer, or only when access a particular web page?
    > When a user encounter such a problem, if he close all IE windows or even a
    > reboot, will this fix the problem?
    >
    > Luke Zhang
    > (This posting is provided "AS IS", with no warranties, and confers no
    > rights.)
    >
    Brad Coble, Mar 15, 2006
    #3
  4. Did this problem reported within another web application on the same
    server? From my experience, this is more like a IIS or NT domain issue. If
    the probelm occurs frequently, you may enable IIS log to see if you can get
    more information from there. (Also, it is worthy a try to check system
    event log).

    And, if you enable the "cacheRolesInCookie" property:

    <roleManager defaultProvider="WindowsProvider"
    enabled="true"
    cacheRolesInCookie="true">

    Will this help?

    Luke Zhang
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)
    Luke Zhang [MSFT], Mar 16, 2006
    #4
  5. Brad Coble

    Brad Coble Guest

    I will try those thanks!!


    "Luke Zhang [MSFT]" <> wrote in message
    news:...
    > Did this problem reported within another web application on the same
    > server? From my experience, this is more like a IIS or NT domain issue. If
    > the probelm occurs frequently, you may enable IIS log to see if you can
    > get
    > more information from there. (Also, it is worthy a try to check system
    > event log).
    >
    > And, if you enable the "cacheRolesInCookie" property:
    >
    > <roleManager defaultProvider="WindowsProvider"
    > enabled="true"
    > cacheRolesInCookie="true">
    >
    > Will this help?
    >
    > Luke Zhang
    > (This posting is provided "AS IS", with no warranties, and confers no
    > rights.)
    >
    Brad Coble, Mar 16, 2006
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Brian Birtle
    Replies:
    2
    Views:
    2,017
    John Saunders
    Oct 16, 2003
  2. Shree
    Replies:
    0
    Views:
    2,123
    Shree
    Sep 2, 2006
  3. globalrev
    Replies:
    4
    Views:
    756
    Gabriel Genellina
    Apr 20, 2008
  4. Ramadass

    forwarding Credentials to a web request

    Ramadass, Dec 6, 2004, in forum: ASP .Net Security
    Replies:
    0
    Views:
    142
    Ramadass
    Dec 6, 2004
  5. VK
    Replies:
    15
    Views:
    1,161
    Dr J R Stockton
    May 2, 2010
Loading...

Share This Page