Solved

ASP.Net page popping "Enter Network Password" dialog ...

Posted on 2004-10-05
23
764 Views
Last Modified: 2012-06-27

I am currently working on a ASP.Net app on windows 2003 server.

I am using Forms Authentication...

Some of the ASP.Net pages throw the "Enter Newtwork Password" dialog box.
if i press "Cancel" the dialog goes away and i get the desired ASP.Net page
and i am able to perform the desired functionality on the page...

Say i entered the network credential this goes away altogether and doesn't
happen on any of the pages again until i reboot the server..

In IIS 6.0 , under Authenticated and Access control , i have anonymous access enabled.

I have also checked the "Integrated Windows Authentication" checked...

Any Ideas why this is happening ..

regards,
-Ganesh
0
Comment
Question by:ganeshpai
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 4
  • 4
  • +4
23 Comments
 
LVL 17

Expert Comment

by:AerosSaga
ID: 12229600
Make sure your IIS Virtual Directory Is marked as an application, that is it has an application name.
0
 
LVL 17

Expert Comment

by:AerosSaga
ID: 12229655
If you checked use Integrated Windows Authentication is it safe to assume you are  trying to impersonate a windows account?
0
 
LVL 17

Expert Comment

by:AerosSaga
ID: 12229671
You should only  need both if you plan to authenticate with forms and then use ntfs permissions as well.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 17

Expert Comment

by:AerosSaga
ID: 12229702
does your web.config have something like so:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
      <appSettings>
<add key="SiteDB" value="Provider=Microsoft.Jet.OleDb.4.0;Data Source=C:\Inetpub\wwwroot\SavoyFurniture\Includes\Site.mdb;"></add>
      </appSettings>
      <system.web>
            <compilation defaultLanguage="vb" debug="true" />
            <customErrors mode="Off" />
            <authentication mode="Forms">
                  <forms loginUrl="~/Admin/Login.aspx" />
            </authentication>
            <identity impersonate="false" />
            <authorization>
                        <allow users="*" />
            </authorization>
            <trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true" />
            <globalization requestEncoding="utf-8" responseEncoding="utf-8" />
      </system.web>
</configuration>
0
 

Author Comment

by:ganeshpai
ID: 12229706
everything is setup right.., Web App has a application name under the virtual directory props..
0
 

Author Comment

by:ganeshpai
ID: 12229869
I had tried removing windows authentication and i still get the problem, so the problem is not around this..

Once again , this doesn't happen on all the pages..., here are the most important peices
of web.config...

<customErrors mode="On" defaultRedirect="CustomError.aspx" />

<authentication mode="Forms">
            <forms loginUrl="SelectABC.aspx"/>
</authentication>

<identity impersonate="false" />

            <authorization>
                <deny users="?"/>
                <allow users="*"/>
            </authorization>

ABC_DocRetrieval  is  the directory under my virtual....

  <location path="ABC_DocRetrieval/Admin">
    <system.web>
      <authorization>
         <allow roles="ADMIN" />
         <deny users="*" />
      </authorization>
    </system.web>
  </location>
0
 
LVL 2

Expert Comment

by:platinum505
ID: 12229899
to make sure its not a network issue use a fully qualified name for the website

say instead of using http://server/site/page.aspx

use fully qualified name http://server.domain/site/page.aspx


this actually solved the problem for me


Kamalakar

0
 
LVL 18

Expert Comment

by:tusharashah
ID: 12229901
What is written under your Authorization tag?


If you dont want to promt for username it should be like following:

----------------------------------------------------------------
<authorization>
        <allow users="*" /> <!-- Allow all users -->
</authorization>
----------------------------------------------------------------

Paste your Web.Config if you still have similar results.

-tushar
0
 
LVL 18

Expert Comment

by:tusharashah
ID: 12229910
Remove follwing tag from <authorization>

 <deny users="?"/>  <!-- This actually deny all users who is not authenticated

-tushar
0
 

Author Comment

by:ganeshpai
ID: 12229967
Kamalakar,

I am using a fully qualified name for my application..
0
 

Author Comment

by:ganeshpai
ID: 12229990
Tushar,

What my authorization does is,

diallows all unauthorized people and allows everybody else...

Ganesh
0
 

Author Comment

by:ganeshpai
ID: 12230000
Once again , this looks like a combination of things...,This behavior doesn't happen on all the pages...
0
 
LVL 33

Expert Comment

by:raterus
ID: 12230448
sounds like one resource (page/image/anything) doesn't have permissions for the anonymous account.  If you check anonymous authentication, IIS will never get to use integrated windows authentication, they can't be combined because using anonymous authentication is the path of least resistance.
0
 

Author Comment

by:ganeshpai
ID: 12230545
Praneetha-

I have already done everything that is being mentioned about setting up anonumous access to the site , i still have the problem..

Any other suggestion guys..?
0
 
LVL 15

Accepted Solution

by:
praneetha earned 150 total points
ID: 12230587
Some part of your application is trying to do something behind the scenes that requires admin privileges(as raterus said), and you are getting this box because the application is using the IUSR_ account.

now for a while make iusr_account administrator and see if that does any good and if that does not happen you know it's something to do with access privileges
0
 
LVL 33

Expert Comment

by:raterus
ID: 12230613
you're going to have to find some common resource that all the pages that cause this box try to access.  The easiest thing I can think of is that it is an image.
0
 

Author Comment

by:ganeshpai
ID: 12230671
the pattern i am observing is , this might happen due to validator controls.

I know this might sound stupid ..., But hey we removed the validator controls from couple
of pages and we don't get this dialog box asking for credential, can it be so that
after the aspx page is rendered its trying to access the standard java script code for
the validation control , which it cannot ??? If so any solutions how to fix it...

0
 
LVL 33

Expert Comment

by:raterus
ID: 12230697
give access to the anonymous user IIS runs under to the aspnet_client in your wwwroot folder.
0
 
LVL 33

Assisted Solution

by:raterus
raterus earned 350 total points
ID: 12230719
that would be the aspnet_client FOLDER!  Also, drill down and make sure the file WebUIValidation.js still has those permissions set.
0
 
LVL 10

Expert Comment

by:jnhorst
ID: 12234068
I think raterus is right in pointing out the permissions issue on the aspnet_client folder that has the script file for validation.  But there's a few things about authentication that need to be looked at.  You have this in your web.config:

<identity impersonate="false" />

Even though you are using anonymous auth, if you are not impersonating, you are trying to access the aspnet_client folder under the security context of the local ASPNET account.  If you set the identity tag to impersonate="true" AND you are using anonymous auth, the access if being attempted under the context of the account specified in IIS to authenticate anonymous requests (usually IUSR_<machine name>).  You can always grant the local ASPNET account the permissions on aspnet_client to solve this, but it will not help when you deploy because the ASPNET account on the target server is local to the server.  You'll have to change it as well.

The most consistent way to handle these issues is to set impersonate="true" and then create a domain or AD account that will be used only for authenticating anonymous reqeusts.  Set the IIS on your server(s) and your dev box(es) to use this account.  If you are accessing a SQL Server database, make sure to create a Windows User Login for this account and give it permissions to any databases the app might use.  Then make sure this account has the necessary permissions to the wwwroot folder on your dev box(es) and server(s) .  The aspnet_client folder is under wwwroot, so the account will have permissions to it as well.

This way you will always know what security context things are happening under whether you use anon auth or require users to authenticate.

John
0
 

Author Comment

by:ganeshpai
ID: 12236618
raterus ,praneetha

I will try this out today,and will let you guys know..
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this Article, I will provide a few tips in problem and solution manner. Opening an ASPX page in Visual studio 2003 is very slow. To make it fast, please do follow below steps:   Open the Solution/Project. Right click the ASPX file to b…
ASP.Net to Oracle Connectivity Recently I had to develop an ASP.NET application connecting to an Oracle database.As I am doing it first time ,I had to solve several problems. This article will help to such developers  to develop an ASP.NET client…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

634 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question