Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How to get rid of windows authentication box on iis 6.0

Posted on 2004-10-28
7
Medium Priority
?
2,415 Views
Last Modified: 2009-12-16
I have configured IIS 6 to work with Tomcat 5 on Windows Server 2003. To run JSP pages, i added a virtual directory that points to JSP directory under Tomcat. It is fine along the way until when JSP page is called. It prompt a windows authentication box asking for username and password. How can i get rid of this box? Below is the error i have if i choose to cancel on that box.

#################
HTTP Error 401.3 - Unauthorized: Access is denied due to an ACL set on the requested resource.
Internet Information Services (IIS)
#################

I have tried:-
1. Enabled the Anonymous Access under IIS -> Security Directory -> Authentication and Access Control -> Authentication Method. The username by default is IUSR_machinename.

2. Added a new permission for Internet User access right on the virtual directory.

It is urgent, please provide your knowledge on this. Thank you in advance!
0
Comment
Question by:stephenlim
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 11

Expert Comment

by:ajaikumarr
ID: 12441370
Hai,

Can u please check this... I do not have exposure on Tomcat... But it seems there is an option to set the value request.tomcatAuthentication=false on tomcat.

Bye...
Ajai
0
 
LVL 11

Expert Comment

by:ajaikumarr
ID: 12441394
Hai,

And also please make sure that to recheck the following options

Enable Anonymous Access & Integrated Windows Authentication & Allow IIS to control password

Bye
Ajai
0
 
LVL 33

Expert Comment

by:humeniuk
ID: 12441456
If you're not using IWA, you can just turn it off.  If you are using it, make sure that the anon account has (at least) read permissions for all folders, and also on any relevant executable files related to your JSP pages.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:stephenlim
ID: 12449873
What is IWA? DOes it cause the authentication windows prompt up? I still cant get it work although i assigned the permission for IUSR_machinename.
0
 
LVL 33

Accepted Solution

by:
humeniuk earned 750 total points
ID: 12450262
IWA is Integrated Windows Authentication.  You can check if it's on/turn it off by going to your website properties through Internet Services Manager.  Select the Directory Security tab and click Edit beside "Anonymous access and authentication control".  In the Authentication Methods window that opens, make sure the Anonymous access box is checked and the Integrated Windows authentication box (as well as the basic authentication and digest authentication) boxes are not checked.

This will eliminate the windows log on prompt, but you still won't have access to the files if your NTFS permissons are not correct - you'll get a 401.5 unauthorized access error instead.  If so, make sure your IUSR account and IWAM account have permissions to access your whole system32 directory (including subfolders).  If this doesn't resolve the problem, download and use Filemon for Windows (www.sysinternals.com/ntw2k/source/filemon.shtml).  It should help isolate exactly which file(s) are returning the unauthorized access error.
0
 
LVL 1

Expert Comment

by:CyberAdy
ID: 12450641
Hi,
Look at the permissions of the JSP file i am sure it doesnt have enough permissions for IUSR_

Thanks and Regards
CyberAdy
0
 

Author Comment

by:stephenlim
ID: 12456159
Thanks guys, now is working perfectly! Here to close the posted question.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Suggested Courses

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question