WWW-Authenticate header error

Posted on 2006-06-15
Last Modified: 2008-05-29
I have a SonicWall SSL-VPN 2000 hardware VPN box that users use to connect to a 2003 Server.  The server hosts e-mail, files, and Sharepoint.  You can create links to internal web services and it passes the credentials to the resource.  When I follow a link to the sharepoint intranet site, I get the following error:

TTP/1.1 401 Unauthorized Content-Length: 1656 Content-Type: text/html Server: Microsoft-IIS/6.0 WWW-Authenticate: Negotiate WWW-Authenticate: NTLM WWW-Authenticate: Basic realm="server.nwi.local" X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: Date: Thu, 15 Jun 2006 16:09:02 GMT Connection: close You are not authorized to view this page
You do not have permission to view this directory or page using the credentials that you supplied because your Web browser is sending a WWW-Authenticate header field that the Web server is not configured to accept.  

I assume it's something to do with how the device is passing the credentials to the web server.  What settings would I need to change on the IIS site to allow it to accept WWW-Authenticate headers?
Question by:itgrouptn
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
LVL 22

Expert Comment

ID: 16915481

Bear in mind that basic authentication *IS NOT* considered to be secure unless done over https. It is the simplest method of authentication, and as such virtually every browser supports it.

If you want to understand more about how it all works, then:

will give you a good overview.


Expert Comment

ID: 16918282
Can you tell us whats there in IIS logs for this whole thing. Or just copy paste the whole communication frm the iis logs..

Expert Comment

ID: 16918291
And does it work fine when being accessed from a directly connected machine?
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 16930354
This is over https.  Authentication works perfectly when accessing it directly or over VPN.  This issue only surfaces when the VPN hardware device tries to authenticate on behalf of the client.  It may be an issue with trusted delegation.  Basic authentication and integrated windows authentication is enabled.  I'll post the IIS logs shortly.

Author Comment

ID: 16930410
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2006-06-18 17:58:36
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2006-06-18 17:58:36 GET /_vti_bin/owssvr.dll - 443 - Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254

2006-06-18 18:04:08 GET /_vti_bin/owssvr.dll - 443 - Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254

Here are two separate attempts to connect via the VPN box.
LVL 22

Expert Comment

ID: 16930510
>This is over https.  Authentication works perfectly when accessing it directly or over VPN.  This issue only surfaces when >the VPN hardware device tries to authenticate on behalf of the client

I think that you need to be looking at the configuration of the VPN Hardware rather than the client/server? VPN hardware is supposed to be (as neart as dammit!) transparent!

Expert Comment

ID: 16933183
I think your vpn box is the problem. Its not able to forward the integrated authentication. So what you can do is you can use ssl with Basic authentication for Sharepoint website.


Author Comment

ID: 16940029
I have basic authentication enabled for the sharepoint site and it is restricted to SSL.  The link I created to exchange webmail works fine, so I think it's something specific to SharePoint.

Accepted Solution

ansh_gupta earned 500 total points
ID: 16940304
Yes sharepoint is not supposed to be working from outside. remember that.. Basic auth may not work with sharepoint coz it has ISAPI filters and extensions which ask for integrated auth. thats y its not supposed to work frm outside.

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
sharepoint online 3 58
Create Task List as an icon on Home Page 6 51
Windows 8.1 HP issues 11 95
File share migration to Sharepoint online 5 33
These days socially coordinated efforts have turned into a critical requirement for enterprises.
When using a search centre, I'm going to show you how to configure Sharepoint's search to only return results from the current site collection. Very useful when using Office 365 with multiple site collections.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question