|
Home > Archive > IIS FTP Server > September 2005 > Password issue?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| JethroUK 2005-09-10, 7:48 am |
| I have a web page on my server which includes video files (login is
controlled by windows)
I am prompted for login/pass when accessing the web page
Problem is:
Every time I click a video link (video files are in the same folder/ same
security) I have to login again before the file will run
Is there any method of extending web page login security to include access
to all files within the same folder?
| |
| Kristofer Gafvert [MVP] 2005-09-10, 8:52 pm |
| Hi,
Do you happen to use Basic Authentication? That is default behavior if you
use that authentication method (and it cannot be changed, and is a feature
of IE and other browsers).
If you use Windows Integrated Authentication, you should only need to
logon once.
Also see this KB Article which may have more information related to this:
"Internet Explorer May Prompt You for a Password"
http://support.microsoft.com/kb/258063/en-us
--
Regards,
Kristofer Gafvert (IIS MVP)
http://www.gafvert.info/iis/ - IIS Related Info
JethroUK wrote:
>I have a web page on my server which includes video files (login is
>controlled by windows)
>
>I am prompted for login/pass when accessing the web page
>
>Problem is:
>
>Every time I click a video link (video files are in the same folder/ same
>security) I have to login again before the file will run
>
>Is there any method of extending web page login security to include access
>to all files within the same folder?
| |
| JethroUK 2005-09-11, 7:48 am |
| Hi
I'm using Window Integrated Authentication (i created a dummy windows
user/pass especially for this)
I did notice that the parent folder (containing the web pages) has internet
security set to 'share' (i'm assuming IIS did this), yet the child folders
(containing the files) are still set to 'unshare' (i have set them to
shared but it still asked for the extra logins)
I am also running an ftp service on the same folder and i don't have any
problems with this (i just logon to the parent once - albeit i am logged on
as an administrator as opposed to a user)
It's further complicated by the fact that it's on a network drive - so it
might be down to a network issue (i might move it to the local machine so i
can eliminate this)
I think i might just have to keep playing around but i don't want to leave
any security risks
Thanks anyway
"Kristofer Gafvert [MVP]" <kgafvert@NEWSilopia.com> wrote in message
news:xn0e731s90000003@news.microsoft.com...[vbcol=seagreen]
> Hi,
>
> Do you happen to use Basic Authentication? That is default behavior if you
> use that authentication method (and it cannot be changed, and is a feature
> of IE and other browsers).
>
> If you use Windows Integrated Authentication, you should only need to
> logon once.
>
> Also see this KB Article which may have more information related to this:
>
> "Internet Explorer May Prompt You for a Password"
> http://support.microsoft.com/kb/258063/en-us
>
>
> --
> Regards,
> Kristofer Gafvert (IIS MVP)
> http://www.gafvert.info/iis/ - IIS Related Info
>
>
> JethroUK wrote:
>
| |
| Alun Jones [MSFT] 2005-09-12, 6:13 pm |
| FTP has a different model - in FTP, you create a connection, you
authenticate on that connection, and then you make any number of transfers
before logging off.
HTTP, by contrast, started life as a "connectionless", "stateless" protocol.
That means that one request is generally not associated with the next
request. Since HTTP 1.1, when the protocol was re-written to allow for a
state or connection to be maintained between requests, there have been
changes to the authentication model to reflect this, but as the FTP
developer around here, I can't really give you good information on HTTP
authentication / authorisation other than what Kristofer has already posted.
Alun.
~~~~
--
Software Design Engineer, Internet Information Server (FTP)
This posting is provided "AS IS" with no warranties, and confers no rights.
"JethroUK" <reply@the.board> wrote in message
news:ezPi8WrtFHA.1284@tk2msftngp13.phx.gbl...
> Hi
>
> I'm using Window Integrated Authentication (i created a dummy windows
> user/pass especially for this)
>
> I did notice that the parent folder (containing the web pages) has
> internet security set to 'share' (i'm assuming IIS did this), yet the
> child folders (containing the files) are still set to 'unshare' (i have
> set them to shared but it still asked for the extra logins)
>
> I am also running an ftp service on the same folder and i don't have any
> problems with this (i just logon to the parent once - albeit i am logged
> on as an administrator as opposed to a user)
>
> It's further complicated by the fact that it's on a network drive - so it
> might be down to a network issue (i might move it to the local machine so
> i can eliminate this)
>
> I think i might just have to keep playing around but i don't want to leave
> any security risks
>
> Thanks anyway
>
>
> "Kristofer Gafvert [MVP]" <kgafvert@NEWSilopia.com> wrote in message
> news:xn0e731s90000003@news.microsoft.com...
>
>
|
|
|
|
|