Basic Authentication in IIS6 not accepting username/password

We have a remotely hosted dedicated server running Windows Server 2003.  We have a bunch of Virtual Directories setup and for one of them we want to restrict access using Basic Authentication.

When we enable both Integrated and Basic, the login prompt appears as expected and our username/password is accepted.  However, if we disable Integrated (which our client is asking us to do but we don't know why), the Basic Auth prompt appears, we put the same username/password in and it just re-shows the login prompt with the usual 3-strikes and your out result.

We've tried adding a domain name to the HTTP Headers list and then typing this in the defaultdomain field in the ISS properties of the Virtual Directory but it makes no difference.

If we enable the 'allow anonymous' option then the Virtual Directory works fine.  Why not with Basic Auth?

Jay.
jammy-d0dgerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

canaliCommented:
Can you report the error  received (401.1   401.2 )?
can u post some line of the log file ?
tried at the auth prompt to enter: nameOfTheServer\username  and password
Gas
0
jammy-d0dgerAuthor Commented:
Hi Canali,

We get this error:
"HTTP Error 401.2 - Unauthorized: Access is denied due to server configuration."

An example of a log entry when auth fails is:
2006-06-19 22:09:54 W3SVC19066 88.xxx.xxx.xxx GET /secureba/ - 80 - 84.xxx.xxx.xxx HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1) - - 401 2148074254 1873 327 31

Tried name of server and username... makes no difference :(

Boy I hope you can help... Integrated Auth works fine.... So confused!
0
jammy-d0dgerAuthor Commented:
to anyone that falls foul of Fasthosts Dedicated Servers.... we have solved the issue ourselves:

I don't think you'd have ever guessed the problem as it did indeed turn out to be related to the setup of dedicated servers at Fasthosts.  They have a system called Matrix Control Panel which among other things has a security option on it.  You can enable secure folders through their web-based gui, and it gives you a dialog very similar to the standard challenge/response when you try and browse to a secure folder.  However, it uses it's own ISAPI Filter which is applied at the top level 'Web Sites' properties level.  So even if you haven't got this bespoke security enabled on the domain in question, it is still intercepting any Login attempts.  As soon as we removed the Filter and restarted IIS, the Basic Authentication started working properly.  Many thanks for your initial reply Canali.

I just wanted to share this solution for any other unsuspecting Fasthosts customers.

Case closed.
0
canaliCommented:

ok
Bye Gas
0
DarthModCommented:
PAQed with points refunded (500)

DarthMod
Community Support Moderator
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.