Multiple log-in requests for single aspx page - WHY?

P

Paul Bryant

I have a subweb secured with Windows authentication. IIS has anonymous
access disabled & basic auth enabled. The sub folder has acls set to allow
access to a single non-admin user as well as administrators. Upon browsing
to the home of the secured subweb users are prompted to log-in once, and
assuming correct credentials are entered can access the site. When then
non-admin user then follows a link to browse to an aspx page within the
subweb another log-in prompt is displayed.
WEIRD:
If the user enters their username/password the log-in dialog re-appears 3
times then the page is displayed. HOWEVER if they click cancel/press escape
the page IS STILL DISPLAYED.

This only happens from a win2k client, accessing the page from XP works as
expected.

Also, I found that when setting unique permissions on the subweb using the
FPSE admin web pages I lost the ASPNET account permissions, breaking the
application, and had to manually re-add them. This doesn't seem very clever.
As if security wasn't complicated enough with ASP I now have to check ACLs,
IIS settings, FPSE settings AND web.configs, any or all of which can break
the security.

TIA,

Paul Bryant
 
J

Jim Cheshire [MSFT]

Paul,

Are you impersonating in your ASP.NET application? If not, I would think
that the cause of the problem is that ASPNET (the user account for the
aspnet_wp.exe process) is being denied access. However, the fact that it
works from a Windows XP machine is very strange.

What do the IIS logs show? What do you see if you get a Filemon log of
this problem? (www.sysinternals.com).

As to the FPSE, if you try and manage permissions using FPSE, they may
tighten security which will remove any unknown accounts from browse access
on the site. This includes the ASPNET account. Therefore, if you do
tighten security with FPSE, you will need to add the ASPNET account back to
the wwwroot folder with default permissions.

Jim Cheshire [MSFT]
Developer Support
ASP.NET
(e-mail address removed)

This post is provided as-is with no warranties and confers no rights.


--------------------
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,900
Latest member
Nell636132

Latest Threads

Top