Hi everyone,

I have developed an ASP.NET web application and have deployed it to a
production server. The web application has only a single page with the
page_load event having no code in it. The virtual directory in IIS is setup
with anonymous access only. The user that virtual directory is setup to run
under has administrative privilages on the server.

Whenever I visit the deployed site I get prompted for a username and
password. If I enter my username and password the page I was trying to acces
s
is not displayed and I get prompted for a username and password again. If I
press cancel, the page is displayed and the site works as expected.

I've spent a long time investigating this issue and have been unable to get
to the bottom of it. It's extremely important that I fix this issue as it is
affecting a live site.

Has anyone experienced this issue themselves? Or perhaps know how to fix it?

Any help that can be passed on would be gratefully received.

Many thanks

Adam Ainger

[ Post a follow-up to this message ]

"Adam Ainger" <AdamAinger@discussions.microsoft.com> wrote in message
news:B20BFED7-7316-4EB7-8DB3-70530D56A824@microsoft.com...
: Hi everyone,
:
: I have developed an ASP.NET web application and have deployed it to a
: production server. The web application has only a single page with the
: page_load event having no code in it. The virtual directory in IIS is
setup
: with anonymous access only. The user that virtual directory is setup to
run
: under has administrative privilages on the server.

The virtual directory does not run under a user account. Are you talking
about the account that IIS is configured to impersonate for anonymous
requests?

Additionally, is your ASP.NET application configured to impersonate this
account (via <identity impersonate="true" /> setting)?

Lastly, can you post the relevant IIS logfiles?

Cheers
Ken




: Whenever I visit the deployed site I get prompted for a username and
: password. If I enter my username and password the page I was trying to
access
: is not displayed and I get prompted for a username and password again. If
I
: press cancel, the page is displayed and the site works as expected.
:
: I've spent a long time investigating this issue and have been unable to
get
: to the bottom of it. It's extremely important that I fix this issue as it
is
: affecting a live site.
:
: Has anyone experienced this issue themselves? Or perhaps know how to fix
it?
:
: Any help that can be passed on would be gratefully received.
:
: Many thanks
:
: Adam Ainger
:

[ Post a follow-up to this message ]

It sounds like you have authorization enabled for your ASP.Net web
application within ASP.Net

When you hit cancel and the site works as expected, that tells me anonymous
authentication is working just fine from IIS. And since you say that IIS
only has anonymous authentication enabled, it tells me that something else
is triggering the user login. Something like ASP.Net URL Authorization.

--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//

"Adam Ainger" <AdamAinger@discussions.microsoft.com> wrote in message
news:B20BFED7-7316-4EB7-8DB3-70530D56A824@microsoft.com...
> Hi everyone,
>
> I have developed an ASP.NET web application and have deployed it to a
> production server. The web application has only a single page with the
> page_load event having no code in it. The virtual directory in IIS is
> setup
> with anonymous access only. The user that virtual directory is setup to
> run
> under has administrative privilages on the server.
>
> Whenever I visit the deployed site I get prompted for a username and
> password. If I enter my username and password the page I was trying to
> access
> is not displayed and I get prompted for a username and password again. If
> I
> press cancel, the page is displayed and the site works as expected.
>
> I've spent a long time investigating this issue and have been unable to
> get
> to the bottom of it. It's extremely important that I fix this issue as it
> is
> affecting a live site.
>
> Has anyone experienced this issue themselves? Or perhaps know how to fix
> it?
>
> Any help that can be passed on would be gratefully received.
>
> Many thanks
>
> Adam Ainger
>

[ Post a follow-up to this message ]

Thanks for your feedback Ken.

I'm new to ASP.NET - does the application need to the <identity/> tag when
anonymous access is used?

Since posting my original message, I discovered that the problem was caused
by having ASP.NET validation controls on the page and them requiring a
particular file permission into the ASPNET_CLIENT folder (this is through
Windows and not IIS). Adding the List Folder Contents permission for the
Everyone user fixed the problem.

Regards

Adam

"Ken Schaefer" wrote:

> "Adam Ainger" <AdamAinger@discussions.microsoft.com> wrote in message
> news:B20BFED7-7316-4EB7-8DB3-70530D56A824@microsoft.com...
> : Hi everyone,
> :
> : I have developed an ASP.NET web application and have deployed it to a
> : production server. The web application has only a single page with the
> : page_load event having no code in it. The virtual directory in IIS is
> setup
> : with anonymous access only. The user that virtual directory is setup to
> run
> : under has administrative privilages on the server.
>
> The virtual directory does not run under a user account. Are you talking
> about the account that IIS is configured to impersonate for anonymous
> requests?
>
> Additionally, is your ASP.NET application configured to impersonate this
> account (via <identity impersonate="true" /> setting)?
>
> Lastly, can you post the relevant IIS logfiles?
>
> Cheers
> Ken
>
>
>
>
> : Whenever I visit the deployed site I get prompted for a username and
> : password. If I enter my username and password the page I was trying to
> access
> : is not displayed and I get prompted for a username and password again. I
f
> I
> : press cancel, the page is displayed and the site works as expected.
> :
> : I've spent a long time investigating this issue and have been unable to
> get
> : to the bottom of it. It's extremely important that I fix this issue as i
t
> is
> : affecting a live site.
> :
> : Has anyone experienced this issue themselves? Or perhaps know how to fix
> it?
> :
> : Any help that can be passed on would be gratefully received.
> :
> : Many thanks
> :
> : Adam Ainger
> :
>
>
>

[ Post a follow-up to this message ]

Thanks for your feedback David.

Since posting my original message, I discovered that the problem was caused
by having ASP.NET validation controls on the page and them requiring a
particular file permission into the ASPNET_CLIENT folder (this is through
Windows and not IIS). Adding the List Folder Contents permission for the
Everyone user fixed the problem.

Regards

Adam

"David Wang [Msft]" wrote:

> It sounds like you have authorization enabled for your ASP.Net web
> application within ASP.Net
>
> When you hit cancel and the site works as expected, that tells me anonymou
s
> authentication is working just fine from IIS. And since you say that IIS
> only has anonymous authentication enabled, it tells me that something else
> is triggering the user login. Something like ASP.Net URL Authorization.
>
> --
> //David
> IIS
> http://blogs.msdn.com/David.Wang
> This posting is provided "AS IS" with no warranties, and confers no rights
.
> //
>
> "Adam Ainger" <AdamAinger@discussions.microsoft.com> wrote in message
> news:B20BFED7-7316-4EB7-8DB3-70530D56A824@microsoft.com... 
>
>
>

[ Post a follow-up to this message ]