Solved

FTP access with Basic Authentication

Posted on 1998-08-13
9
184 Views
Last Modified: 2010-04-09
I am using IIS 3.0 on a NT4.0 box with both the webroot and the FTP directory set for Basic Authentication, I access the home page via NT login box, with a <A HREF="ftp://198.253.13.155">FTP</A> tag, except after a sucessful login, I get a "User anonymous cannot log in" when I click on the link, why?
0
Comment
Question by:mgfranz
  • 5
  • 4
9 Comments
 
LVL 12

Expert Comment

by:Otta
ID: 1845317
Use:  ftp://userid:password@NSIP5.NOSC.MIL

to specify the 'userid' and 'password' to be used,
since the default values: 'anonymous' and 'guest'
are not being accepted by the FTP-server on 'NSIP5.NOSC.MIL'.

Or, reconfigure the FTP-server to accept 'anonymous/guest'.

0
 
LVL 18

Author Comment

by:mgfranz
ID: 1845318
I cannot change the FTP access to anonymous, and I do not know of a way to pass a users login and password to the browser, except maybe a perl script
0
 
LVL 12

Expert Comment

by:Otta
ID: 1845319
The URL passes the 'userid' and the 'password' to the browser.
These values are checked by the FTP-server.
They are *NOT* related to the ID/password known by the
user of the web-browser software.

If the URL omits the 'userid' and 'password' fields,
then the FTP-server uses 'anonymous' and 'guest',
and then generates the error-message which you are reporting.
0
 
LVL 18

Author Comment

by:mgfranz
ID: 1845320
Does the browser care about using the IP address, or does it have to be the resolved name.  I use <A HREF="ftp://userid:password@198.253.13.155">FTP</A> and  <A HREF="ftp://userid:password@NSIP5.NOSC.MIL and it returns the same error.  I tried this on both Netscape 4.03 and IE 3.2
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 12

Expert Comment

by:Otta
ID: 1845321
The browser attempts DNS-lookups, if the URL
contains a 'FQDN' (Fully Qualified Domain Name),
and just omits DNS-lookups,
when the URL contains an IP-address.

You *should* get *identical* error-messages,
because both URLs connect to the *same* host.

So, the values for 'userid' and 'password' are *NOT* valid.
You need to get the system-administrator (of the host
which is running the FTP-server, to validate any
'userid/password' combinations which you intend to cite, in a URL.
0
 
LVL 18

Author Comment

by:mgfranz
ID: 1845322
Ahhh, thats the problem, this machine is not registered with the DNS due to the cost of registering it, (the Navy charges even it's own hosts for everything).  I guess I'll just have to write a Perl script.
Wait a minute, since I am the sysadmin guy, I am responsible for all logins and access.  Plus, if the userid:password combinations were incorrect, the user would not be able to log onto the home.htm...?

0
 
LVL 12

Expert Comment

by:Otta
ID: 1845323
Wait a minute.  :-)

If you are the administrator of the FTP-server,
you can either "open" the server,
to allow the usage of 'anonymous/guest',
or you can define _valid_ 'ID/Password' combinations,
and use these values in the URL.
These ID/Password combinations can (and should)
be different from the ID/Password combinations
which are used to login to the Domain.

Also, the machine *IS* registered with the DNS.
How do you think that I transformed the IP-address you gave
into the FQDN ?

Think about each "authentication",
and the different ID/Password combinations used at each step.
0
 
LVL 18

Author Comment

by:mgfranz
ID: 1845324
whew... this is getting long, I could enable anonymous, but I was directed to turn it off, again, navy.mil.  I don't think the different login:passwd combo will work either.  there has got to be a way to pass the browser authenticated info to the ftp proxy!
0
 
LVL 12

Accepted Solution

by:
Otta earned 100 total points
ID: 1845325
Coding the URL as 'ftp://userid:password@hostname' is the
easy way to pass ID/password information to the FTP-server.

Of course, JavaScript can be used as a string-manipulation
language, in order to build this string.

Alternately, the FTP-server can be "customized"
to only offer "service" to a set of FQDNs or IP-addresses.

Since some person (using "client" is more Politically-Correct,
but, in this case confusing) has logged-in to a Domain,
you know the range of FQDNs and IP-addresses
which are "owned" by that Domain, correct?

Is it time to take a step "backwards",
and for you to describe, in more detail,
what you are trying to achieve?
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Introduction The Google Maps API offers various ways to draw dynamic and static maps.  Using a combination of PHP and JavaScript, you can draw active JavaScript maps that allow pan-and-zoom in the client browser window.  You can also draw "static" …
This article describes how to create custom column layout styles for Bootstrap. The article uses 5 columns to illustrate the concept, but the principle can be extended to any number of columns.
In this tutorial viewers will learn how to define a gradient in CSS. Create a new HTML document with an internal stylesheet.: Create a div in CSS and name it Gradient. Define the background as "linear-gradient(to right, #ee3668, black)". Ensure you …
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now