• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 775
  • Last Modified:

ASP.Net page popping "Enter Network Password" dialog ...


I am currently working on a ASP.Net app on windows 2003 server.

I am using Forms Authentication...

Some of the ASP.Net pages throw the "Enter Newtwork Password" dialog box.
if i press "Cancel" the dialog goes away and i get the desired ASP.Net page
and i am able to perform the desired functionality on the page...

Say i entered the network credential this goes away altogether and doesn't
happen on any of the pages again until i reboot the server..

In IIS 6.0 , under Authenticated and Access control , i have anonymous access enabled.

I have also checked the "Integrated Windows Authentication" checked...

Any Ideas why this is happening ..

regards,
-Ganesh
0
ganeshpai
Asked:
ganeshpai
  • 8
  • 4
  • 4
  • +4
2 Solutions
 
AerosSagaCommented:
Make sure your IIS Virtual Directory Is marked as an application, that is it has an application name.
0
 
AerosSagaCommented:
If you checked use Integrated Windows Authentication is it safe to assume you are  trying to impersonate a windows account?
0
 
AerosSagaCommented:
You should only  need both if you plan to authenticate with forms and then use ntfs permissions as well.
0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

 
AerosSagaCommented:
does your web.config have something like so:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
      <appSettings>
<add key="SiteDB" value="Provider=Microsoft.Jet.OleDb.4.0;Data Source=C:\Inetpub\wwwroot\SavoyFurniture\Includes\Site.mdb;"></add>
      </appSettings>
      <system.web>
            <compilation defaultLanguage="vb" debug="true" />
            <customErrors mode="Off" />
            <authentication mode="Forms">
                  <forms loginUrl="~/Admin/Login.aspx" />
            </authentication>
            <identity impersonate="false" />
            <authorization>
                        <allow users="*" />
            </authorization>
            <trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true" />
            <globalization requestEncoding="utf-8" responseEncoding="utf-8" />
      </system.web>
</configuration>
0
 
ganeshpaiAuthor Commented:
everything is setup right.., Web App has a application name under the virtual directory props..
0
 
ganeshpaiAuthor Commented:
I had tried removing windows authentication and i still get the problem, so the problem is not around this..

Once again , this doesn't happen on all the pages..., here are the most important peices
of web.config...

<customErrors mode="On" defaultRedirect="CustomError.aspx" />

<authentication mode="Forms">
            <forms loginUrl="SelectABC.aspx"/>
</authentication>

<identity impersonate="false" />

            <authorization>
                <deny users="?"/>
                <allow users="*"/>
            </authorization>

ABC_DocRetrieval  is  the directory under my virtual....

  <location path="ABC_DocRetrieval/Admin">
    <system.web>
      <authorization>
         <allow roles="ADMIN" />
         <deny users="*" />
      </authorization>
    </system.web>
  </location>
0
 
platinum505Commented:
to make sure its not a network issue use a fully qualified name for the website

say instead of using http://server/site/page.aspx

use fully qualified name http://server.domain/site/page.aspx


this actually solved the problem for me


Kamalakar

0
 
tusharashahCommented:
What is written under your Authorization tag?


If you dont want to promt for username it should be like following:

----------------------------------------------------------------
<authorization>
        <allow users="*" /> <!-- Allow all users -->
</authorization>
----------------------------------------------------------------

Paste your Web.Config if you still have similar results.

-tushar
0
 
tusharashahCommented:
Remove follwing tag from <authorization>

 <deny users="?"/>  <!-- This actually deny all users who is not authenticated

-tushar
0
 
ganeshpaiAuthor Commented:
Kamalakar,

I am using a fully qualified name for my application..
0
 
ganeshpaiAuthor Commented:
Tushar,

What my authorization does is,

diallows all unauthorized people and allows everybody else...

Ganesh
0
 
ganeshpaiAuthor Commented:
Once again , this looks like a combination of things...,This behavior doesn't happen on all the pages...
0
 
raterusCommented:
sounds like one resource (page/image/anything) doesn't have permissions for the anonymous account.  If you check anonymous authentication, IIS will never get to use integrated windows authentication, they can't be combined because using anonymous authentication is the path of least resistance.
0
 
ganeshpaiAuthor Commented:
Praneetha-

I have already done everything that is being mentioned about setting up anonumous access to the site , i still have the problem..

Any other suggestion guys..?
0
 
praneethaCommented:
Some part of your application is trying to do something behind the scenes that requires admin privileges(as raterus said), and you are getting this box because the application is using the IUSR_ account.

now for a while make iusr_account administrator and see if that does any good and if that does not happen you know it's something to do with access privileges
0
 
raterusCommented:
you're going to have to find some common resource that all the pages that cause this box try to access.  The easiest thing I can think of is that it is an image.
0
 
ganeshpaiAuthor Commented:
the pattern i am observing is , this might happen due to validator controls.

I know this might sound stupid ..., But hey we removed the validator controls from couple
of pages and we don't get this dialog box asking for credential, can it be so that
after the aspx page is rendered its trying to access the standard java script code for
the validation control , which it cannot ??? If so any solutions how to fix it...

0
 
raterusCommented:
give access to the anonymous user IIS runs under to the aspnet_client in your wwwroot folder.
0
 
raterusCommented:
that would be the aspnet_client FOLDER!  Also, drill down and make sure the file WebUIValidation.js still has those permissions set.
0
 
jnhorstCommented:
I think raterus is right in pointing out the permissions issue on the aspnet_client folder that has the script file for validation.  But there's a few things about authentication that need to be looked at.  You have this in your web.config:

<identity impersonate="false" />

Even though you are using anonymous auth, if you are not impersonating, you are trying to access the aspnet_client folder under the security context of the local ASPNET account.  If you set the identity tag to impersonate="true" AND you are using anonymous auth, the access if being attempted under the context of the account specified in IIS to authenticate anonymous requests (usually IUSR_<machine name>).  You can always grant the local ASPNET account the permissions on aspnet_client to solve this, but it will not help when you deploy because the ASPNET account on the target server is local to the server.  You'll have to change it as well.

The most consistent way to handle these issues is to set impersonate="true" and then create a domain or AD account that will be used only for authenticating anonymous reqeusts.  Set the IIS on your server(s) and your dev box(es) to use this account.  If you are accessing a SQL Server database, make sure to create a Windows User Login for this account and give it permissions to any databases the app might use.  Then make sure this account has the necessary permissions to the wwwroot folder on your dev box(es) and server(s) .  The aspnet_client folder is under wwwroot, so the account will have permissions to it as well.

This way you will always know what security context things are happening under whether you use anon auth or require users to authenticate.

John
0
 
ganeshpaiAuthor Commented:
raterus ,praneetha

I will try this out today,and will let you guys know..
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

  • 8
  • 4
  • 4
  • +4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now