• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 199
  • Last Modified:

FTP access with Basic Authentication

I am using IIS 3.0 on a NT4.0 box with both the webroot and the FTP directory set for Basic Authentication, I access the home page via NT login box, with a <A HREF="ftp://198.253.13.155">FTP</A> tag, except after a sucessful login, I get a "User anonymous cannot log in" when I click on the link, why?
0
mgfranz
Asked:
mgfranz
  • 5
  • 4
1 Solution
 
OttaCommented:
Use:  ftp://userid:password@NSIP5.NOSC.MIL

to specify the 'userid' and 'password' to be used,
since the default values: 'anonymous' and 'guest'
are not being accepted by the FTP-server on 'NSIP5.NOSC.MIL'.

Or, reconfigure the FTP-server to accept 'anonymous/guest'.

0
 
mgfranzAuthor Commented:
I cannot change the FTP access to anonymous, and I do not know of a way to pass a users login and password to the browser, except maybe a perl script
0
 
OttaCommented:
The URL passes the 'userid' and the 'password' to the browser.
These values are checked by the FTP-server.
They are *NOT* related to the ID/password known by the
user of the web-browser software.

If the URL omits the 'userid' and 'password' fields,
then the FTP-server uses 'anonymous' and 'guest',
and then generates the error-message which you are reporting.
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
mgfranzAuthor Commented:
Does the browser care about using the IP address, or does it have to be the resolved name.  I use <A HREF="ftp://userid:password@198.253.13.155">FTP</A> and  <A HREF="ftp://userid:password@NSIP5.NOSC.MIL and it returns the same error.  I tried this on both Netscape 4.03 and IE 3.2
0
 
OttaCommented:
The browser attempts DNS-lookups, if the URL
contains a 'FQDN' (Fully Qualified Domain Name),
and just omits DNS-lookups,
when the URL contains an IP-address.

You *should* get *identical* error-messages,
because both URLs connect to the *same* host.

So, the values for 'userid' and 'password' are *NOT* valid.
You need to get the system-administrator (of the host
which is running the FTP-server, to validate any
'userid/password' combinations which you intend to cite, in a URL.
0
 
mgfranzAuthor Commented:
Ahhh, thats the problem, this machine is not registered with the DNS due to the cost of registering it, (the Navy charges even it's own hosts for everything).  I guess I'll just have to write a Perl script.
Wait a minute, since I am the sysadmin guy, I am responsible for all logins and access.  Plus, if the userid:password combinations were incorrect, the user would not be able to log onto the home.htm...?

0
 
OttaCommented:
Wait a minute.  :-)

If you are the administrator of the FTP-server,
you can either "open" the server,
to allow the usage of 'anonymous/guest',
or you can define _valid_ 'ID/Password' combinations,
and use these values in the URL.
These ID/Password combinations can (and should)
be different from the ID/Password combinations
which are used to login to the Domain.

Also, the machine *IS* registered with the DNS.
How do you think that I transformed the IP-address you gave
into the FQDN ?

Think about each "authentication",
and the different ID/Password combinations used at each step.
0
 
mgfranzAuthor Commented:
whew... this is getting long, I could enable anonymous, but I was directed to turn it off, again, navy.mil.  I don't think the different login:passwd combo will work either.  there has got to be a way to pass the browser authenticated info to the ftp proxy!
0
 
OttaCommented:
Coding the URL as 'ftp://userid:password@hostname' is the
easy way to pass ID/password information to the FTP-server.

Of course, JavaScript can be used as a string-manipulation
language, in order to build this string.

Alternately, the FTP-server can be "customized"
to only offer "service" to a set of FQDNs or IP-addresses.

Since some person (using "client" is more Politically-Correct,
but, in this case confusing) has logged-in to a Domain,
you know the range of FQDNs and IP-addresses
which are "owned" by that Domain, correct?

Is it time to take a step "backwards",
and for you to describe, in more detail,
what you are trying to achieve?
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now