We help IT Professionals succeed at work.

Basic Authentication in IIS6 not accepting username/password

jammy-d0dger
jammy-d0dger asked
on
510 Views
Last Modified: 2012-06-27
We have a remotely hosted dedicated server running Windows Server 2003.  We have a bunch of Virtual Directories setup and for one of them we want to restrict access using Basic Authentication.

When we enable both Integrated and Basic, the login prompt appears as expected and our username/password is accepted.  However, if we disable Integrated (which our client is asking us to do but we don't know why), the Basic Auth prompt appears, we put the same username/password in and it just re-shows the login prompt with the usual 3-strikes and your out result.

We've tried adding a domain name to the HTTP Headers list and then typing this in the defaultdomain field in the ISS properties of the Virtual Directory but it makes no difference.

If we enable the 'allow anonymous' option then the Virtual Directory works fine.  Why not with Basic Auth?

Jay.
Comment
Watch Question

CERTIFIED EXPERT

Commented:
Can you report the error  received (401.1   401.2 )?
can u post some line of the log file ?
tried at the auth prompt to enter: nameOfTheServer\username  and password
Gas

Author

Commented:
Hi Canali,

We get this error:
"HTTP Error 401.2 - Unauthorized: Access is denied due to server configuration."

An example of a log entry when auth fails is:
2006-06-19 22:09:54 W3SVC19066 88.xxx.xxx.xxx GET /secureba/ - 80 - 84.xxx.xxx.xxx HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1) - - 401 2148074254 1873 327 31

Tried name of server and username... makes no difference :(

Boy I hope you can help... Integrated Auth works fine.... So confused!

Author

Commented:
to anyone that falls foul of Fasthosts Dedicated Servers.... we have solved the issue ourselves:

I don't think you'd have ever guessed the problem as it did indeed turn out to be related to the setup of dedicated servers at Fasthosts.  They have a system called Matrix Control Panel which among other things has a security option on it.  You can enable secure folders through their web-based gui, and it gives you a dialog very similar to the standard challenge/response when you try and browse to a secure folder.  However, it uses it's own ISAPI Filter which is applied at the top level 'Web Sites' properties level.  So even if you haven't got this bespoke security enabled on the domain in question, it is still intercepting any Login attempts.  As soon as we removed the Filter and restarted IIS, the Basic Authentication started working properly.  Many thanks for your initial reply Canali.

I just wanted to share this solution for any other unsuspecting Fasthosts customers.

Case closed.
CERTIFIED EXPERT

Commented:

ok
Bye Gas
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.