We have a remotely hosted dedicated server running Windows Server 2003. We have a bunch of Virtual Directories setup and for one of them we want to restrict access using Basic Authentication.
When we enable both Integrated and Basic, the login prompt appears as expected and our username/password is accepted. However, if we disable Integrated (which our client is asking us to do but we don't know why), the Basic Auth prompt appears, we put the same username/password in and it just re-shows the login prompt with the usual 3-strikes and your out result.
We've tried adding a domain name to the HTTP Headers list and then typing this in the defaultdomain field in the ISS properties of the Virtual Directory but it makes no difference.
If we enable the 'allow anonymous' option then the Virtual Directory works fine. Why not with Basic Auth?