• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2420
  • Last Modified:

How to get rid of windows authentication box on iis 6.0

I have configured IIS 6 to work with Tomcat 5 on Windows Server 2003. To run JSP pages, i added a virtual directory that points to JSP directory under Tomcat. It is fine along the way until when JSP page is called. It prompt a windows authentication box asking for username and password. How can i get rid of this box? Below is the error i have if i choose to cancel on that box.

#################
HTTP Error 401.3 - Unauthorized: Access is denied due to an ACL set on the requested resource.
Internet Information Services (IIS)
#################

I have tried:-
1. Enabled the Anonymous Access under IIS -> Security Directory -> Authentication and Access Control -> Authentication Method. The username by default is IUSR_machinename.

2. Added a new permission for Internet User access right on the virtual directory.

It is urgent, please provide your knowledge on this. Thank you in advance!
0
stephenlim
Asked:
stephenlim
  • 2
  • 2
  • 2
  • +1
1 Solution
 
ajaikumarrCommented:
Hai,

Can u please check this... I do not have exposure on Tomcat... But it seems there is an option to set the value request.tomcatAuthentication=false on tomcat.

Bye...
Ajai
0
 
ajaikumarrCommented:
Hai,

And also please make sure that to recheck the following options

Enable Anonymous Access & Integrated Windows Authentication & Allow IIS to control password

Bye
Ajai
0
 
humeniukCommented:
If you're not using IWA, you can just turn it off.  If you are using it, make sure that the anon account has (at least) read permissions for all folders, and also on any relevant executable files related to your JSP pages.
0
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

 
stephenlimAuthor Commented:
What is IWA? DOes it cause the authentication windows prompt up? I still cant get it work although i assigned the permission for IUSR_machinename.
0
 
humeniukCommented:
IWA is Integrated Windows Authentication.  You can check if it's on/turn it off by going to your website properties through Internet Services Manager.  Select the Directory Security tab and click Edit beside "Anonymous access and authentication control".  In the Authentication Methods window that opens, make sure the Anonymous access box is checked and the Integrated Windows authentication box (as well as the basic authentication and digest authentication) boxes are not checked.

This will eliminate the windows log on prompt, but you still won't have access to the files if your NTFS permissons are not correct - you'll get a 401.5 unauthorized access error instead.  If so, make sure your IUSR account and IWAM account have permissions to access your whole system32 directory (including subfolders).  If this doesn't resolve the problem, download and use Filemon for Windows (www.sysinternals.com/ntw2k/source/filemon.shtml).  It should help isolate exactly which file(s) are returning the unauthorized access error.
0
 
CyberAdyCommented:
Hi,
Look at the permissions of the JSP file i am sure it doesnt have enough permissions for IUSR_

Thanks and Regards
CyberAdy
0
 
stephenlimAuthor Commented:
Thanks guys, now is working perfectly! Here to close the posted question.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now