|
Home > Archive > IIS Server Security > August 2006 > User gets challenged for authentication when opening a document
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
User gets challenged for authentication when opening a document
|
|
| John Beschler 2006-08-08, 7:20 pm |
| WE have a WEB-Based application that (among other things) generates an excel
spreadsheet that is returned to the user. The entire site is SSL secured and
uses NTFS permissions for all pages.
All users must have a domain account to access the site. When initially
entering the site, they are challenged for their domain username/password.
Thereafter, no matter where they go within the site, they are not challenged
again excpet for this one instance. Whenever they request this aprticular
report (in excel) once the report generates, the user is prompted as to
whether they wish to open the file or save it. Then, they are challenged
again for their domain username/password.
Can anyone explain to me why this is happeneing and how to elimnate the
second challenge. Permissions "should" be the same for the document as for
the rest of the site.
Thanks,
John
| |
| David Wang [Msft] 2006-08-09, 1:25 am |
| I believe that second challenge comes from the Office application (Excel in
this case) because it uses a different HTTP client internally (not your web
browser) with a new HTTP/HTTPS connection and hence subject to that
challenge for username/password from your site. If you can get the Office
app to not request for anything from your site to view the report, you
should not see the challenge.
--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"John Beschler" <JohnBeschler@discussions.microsoft.com> wrote in message
news:6F16912B-3CC2-42CB-A6B5-CDB01CD5A553@microsoft.com...
> WE have a WEB-Based application that (among other things) generates an
> excel
> spreadsheet that is returned to the user. The entire site is SSL secured
> and
> uses NTFS permissions for all pages.
>
> All users must have a domain account to access the site. When initially
> entering the site, they are challenged for their domain username/password.
> Thereafter, no matter where they go within the site, they are not
> challenged
> again excpet for this one instance. Whenever they request this aprticular
> report (in excel) once the report generates, the user is prompted as to
> whether they wish to open the file or save it. Then, they are challenged
> again for their domain username/password.
>
> Can anyone explain to me why this is happeneing and how to elimnate the
> second challenge. Permissions "should" be the same for the document as
> for
> the rest of the site.
> Thanks,
> John
>
| |
| Funkadyleik Spynwhanker 2006-08-09, 1:27 pm |
|
"David Wang [Msft]" <someone@online.microsoft.com> wrote in message
news:ueFhRv1uGHA.4512@TK2MSFTNGP05.phx.gbl...
>I believe that second challenge comes from the Office application (Excel in
>this case) because it uses a different HTTP client internally (not your web
>browser) with a new HTTP/HTTPS connection and hence subject to that
>challenge for username/password from your site. If you can get the Office
>app to not request for anything from your site to view the report, you
>should not see the challenge.
>
> --
> //David
Not entirely accurate. It does open a HTTP session. But it does in an
attempt to do it in read/WRITE mode.
Office by default, assumes that documents on a web site are in a
"Sharepoint" or "Office Extended" site where the user is an active
particpant in the process and is supposed to be making changes in the
document.
Whether or not it is a dynamic document or not is irrelevant, the prompt is
generated by Office trying to get _WRITE_ mode.
The only fix for this I know of is to upgrade the office install to the
latest service pack. As a work around, instruct the users to right click
and download the document. Or better yet, present it in a read-only way via
HTML or PDF or something.
So the answer is "Get the SPs for Office and it will go away".
| |
| jigs4u4ever 2006-08-09, 1:27 pm |
| Hi,
Try to add the MIME type for excel. this will not ask to save docs to the
system and open the same on availabel IE browse, and if it is some session
related problems, you will not get challenge for username and password again.
Note: NTLM authentication does not allow connection through proxy.
Thanks & Regards
jigs
"John Beschler" wrote:
> WE have a WEB-Based application that (among other things) generates an excel
> spreadsheet that is returned to the user. The entire site is SSL secured and
> uses NTFS permissions for all pages.
>
> All users must have a domain account to access the site. When initially
> entering the site, they are challenged for their domain username/password.
> Thereafter, no matter where they go within the site, they are not challenged
> again excpet for this one instance. Whenever they request this aprticular
> report (in excel) once the report generates, the user is prompted as to
> whether they wish to open the file or save it. Then, they are challenged
> again for their domain username/password.
>
> Can anyone explain to me why this is happeneing and how to elimnate the
> second challenge. Permissions "should" be the same for the document as for
> the rest of the site.
> Thanks,
> John
>
|
|
|
|
|