asdavey
asked on
Integrated Authentication and Host Headers authorization issue.
Hi,
I have a IIS 6.0 setup on Windows 2003 to work with Share Point Team services. Because I have more than one site setup on the single machine using the same IP address, I decided to use host headers (as opposed to making our developers remember different port numbers for the different sites). Our server is called 'app01', and so I created in DNS a forward lookup zone called 'web', in which I created an alias entry 'sharepoint' which mapped to 'app01'.
Because our web server is exposed to other companies within the same office (its a shared office space) I wanted to use Windows Authentication so only select users could view these websites.
The problem is whenever I try to access the website using 'http://sharepoint.web.app01' I get asked for a username and password in a dialog box (as though its using basic authentication - which its not). If I enter in my account details I am then given access to the website.
However if I access the website using 'http://app01:85' (port 85 was another host identity that I setup in IIS for this particular site) I am not prompted for a username and password and have access as I would have expected.
Basically it appears that if I use a host header which is different to the name of the computer, integrated authentication doesn't work as expected. I would however like to get it working since some applications that I run don't support the popup username and password dialog box (not to mention that its a complete pain).
I have a IIS 6.0 setup on Windows 2003 to work with Share Point Team services. Because I have more than one site setup on the single machine using the same IP address, I decided to use host headers (as opposed to making our developers remember different port numbers for the different sites). Our server is called 'app01', and so I created in DNS a forward lookup zone called 'web', in which I created an alias entry 'sharepoint' which mapped to 'app01'.
Because our web server is exposed to other companies within the same office (its a shared office space) I wanted to use Windows Authentication so only select users could view these websites.
The problem is whenever I try to access the website using 'http://sharepoint.web.app01' I get asked for a username and password in a dialog box (as though its using basic authentication - which its not). If I enter in my account details I am then given access to the website.
However if I access the website using 'http://app01:85' (port 85 was another host identity that I setup in IIS for this particular site) I am not prompted for a username and password and have access as I would have expected.
Basically it appears that if I use a host header which is different to the name of the computer, integrated authentication doesn't work as expected. I would however like to get it working since some applications that I run don't support the popup username and password dialog box (not to mention that its a complete pain).
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
When I access the site 'http://sharepoint.web' I get asked for a username and password (not 'http://sharepoint.web.app01' as I posted in my question).