|
Home > Archive > IIS Server Security > July 2006 > login problem with iis and webdav.
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
login problem with iis and webdav.
|
|
| Allan Bentsen 2006-06-28, 7:19 pm |
| Hi there
My setup is as follows.
A Windows 2003 Server, IIS 6, WebDav, and a website (aspx/C#)
A Windows XP Pro sp2 ie6 sp2.
Problem:
From a webpage it is possible to choose between opening a folder in a
virtual directory with file://... or http:// (WebDav).
When a user opens the folder using WebDav, a login dialog appears, and the
user enters his/her credentials and presses OK,
then the dialog reappears, and does so forever, even though the "remember my
password" is checked.
If, however, the user enters the credentials once and the cancels the second
login dialog, then the webfolder is shown.
And if the user opens the folder with the file://.. then there are no
problems, except that it's impossible to open the folder as a webfolder
until the ie is closed and reopened.
Sometimes, if a file is dropped into a web-folder, the filename is
shortened, e.g. MyDoc.doc becomes Moc.doc, yD is simply missing.
I hope that this makes sence, and there is some kind of solution :-)
Best regards
Allan.
| |
| WenJun Zhang[msft] 2006-06-29, 6:14 am |
| Hi Allan,
A possible cause is the anonymous account does have permission on the
webdav folder but doesn't have right on some files in it. So IIS prompts
you for authentication. When you click cancel, the folder is still opened
but some content may not be correctly displayed or opened in read-only.
Best regards,
WenJun Zhang
Microsoft Online Partner Support
This posting is provided "AS IS" with no warranties, and confers no rights.
| |
| WenJun Zhang[msft] 2006-06-29, 7:35 am |
| Hi Allan,
A possible cause is the anonymous account does have permission on the
webdav folder but doesn't have right on some files in it. So IIS prompts
you for authentication. When you click cancel, the folder is still opened
but some content may not be correctly displayed or opened in read-only.
Best regards,
WenJun Zhang
Microsoft Online Partner Support
This posting is provided "AS IS" with no warranties, and confers no rights.
| |
| Allan Bentsen 2006-07-02, 1:31 am |
| Hi WenJun
Thank you for your reply.
The website uses windows integrated authentication only.
The problem only exists on Windows XP clients, and not on windows 2003
server clients, that is the same account opens the webfolder from a winXP
and Win2K3.
In the website, authenticated users has read access, and on the virtual
directory the authenticated user has read, write and browse rights.
Furthermore the accessrights for each individual folder is set using the
SetACL.exe, so there should be no access problems there.
As explained previously the "Connect to 'WebSiteName'" dialog appears and
this dialog keeps appearing even though the creadentials are correct. If the
cancel button is pressed after the first login attempt, the the user has
full access to the folder and all files in it.
If the user tries to open a word document, from a webfolder, then the user
is again prompted to enter credentials. If the user then chooses to cancel,
access to the document is denied, otherwise access is granted.
Another thing is that if the user first opens with file:// instead of
http:// then no prompt appears and the user has access through
\\servername\...\folder. If the user opens another webfolder, then it is
overruled and the user receives a explorerview with \\servername\...\folder.
I hope this helps to clarify my sitution :-)
""WenJun Zhang[msft]"" <wjzhang@online.microsoft.com> wrote in message
news:Q$SXo02mGHA.2028@TK2MSFTNGXA01.phx.gbl...
> Hi Allan,
>
> A possible cause is the anonymous account does have permission on the
> webdav folder but doesn't have right on some files in it. So IIS prompts
> you for authentication. When you click cancel, the folder is still opened
> but some content may not be correctly displayed or opened in read-only.
>
> Best regards,
>
> WenJun Zhang
> Microsoft Online Partner Support
>
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
>
>
| |
| WenJun Zhang[msft] 2006-07-04, 5:33 am |
| Hi Allan,
Probably this is a familar client-side issue due to the new security
restriction feature in XP SP2. Please follow the KB instruction below to
set DisableLoopbackCheck to 1 and see if this fixes the problem.
896861 You receive error 401.1 when you browse a Web site that uses
Integrated Authentication and is hosted on IIS 5.1 or IIS 6
http://support.microsoft.com/defaul...kb;EN-US;896861
Best regards,
WenJun Zhang
Microsoft Online Partner Support
This posting is provided "AS IS" with no warranties, and confers no rights.
| |
| WenJun Zhang[msft] 2006-07-06, 9:26 am |
| Hi Allan,
I just wonder how the issue is going now?
Best regards,
WenJun Zhang
Microsoft Online Partner Support
This posting is provided "AS IS" with no warranties, and confers no rights.
|
|
|
|
|