IIS Server Security - IIS username:password@server.domain.com

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server Security > June 2007 > IIS username:password@server.domain.com





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author IIS username:password@server.domain.com
murphyadam@sbcglobal.net

2007-06-08, 7:20 pm

How can I set up IIS to accept authentication from a client POSTing to
my website with their username/password in the URL?

Right now I have Annonymous turned off and Digest turned on. The user
account has read/execute privileges for the virtual folder.

So they are sending me this

http://username:password@server.dom...l/url.page.aspx

And they are getting this

Error 401.1 Unauthorized

I want them to get this

202 Success

DaveMo

2007-06-09, 1:21 pm

On Jun 8, 12:52 pm, murphya...@sbcglobal.net wrote:
> How can I set up IIS to accept authentication from a client POSTing to
> my website with their username/password in the URL?
>
> Right now I have Annonymous turned off and Digest turned on. The user
> account has read/execute privileges for the virtual folder.
>
> So they are sending me this
>
> http://username:passw...@server.dom...l/url.page.aspx
>
> And they are getting this
>
> Error 401.1 Unauthorized
>
> I want them to get this
>
> 202 Success

You should read this: http://support.microsoft.com/kb/834489

You need to enable Basic authentication to make this work.

Also, this sends credentials in plain text over the network, so if you
really want to use Basic (often not the best choice) then you should
use SSL (HTTPS).

HTH,
Dave

murphyadam@sbcglobal.net

2007-06-12, 7:19 pm

I turned on basic authentication but I still get error 401 when trying
to POST.

Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com