Solved

WebDAV authentication

Posted on 2006-11-08
7
809 Views
Last Modified: 2009-07-29
There may be no answer for this one but I am giving it one last shot. I have configured WebDAV on IIS 6 so users can access home drives from outside our organization. I removed all authentication but Basic (using SSL) and added our domain (I do not have anonymous log on for the server or any virtuals). On the virtual directories I have checked "Always use the authenticated user's credentials when...." along with Read, Write and Dir Browsing. ACL's are set to give the users modify (even tried full control). I created a simple page that the user clicks a link to open the page. So here is what happens:

go to site - user is asked for authentication
user clicks on link - user is asked for authentications again
user clicks on a document - user is asked for autentication again

I would think that with the virtuals set to pass on the credentials we should not see this. I have tried to set the IE web browser to "Automatic logon with users logon and password". I have tried removing the domain from Basic auth. I have tried domain\user for logon. I have verified the server variables (username and password) are on the server correctly. It seems to be unfixable at this point and may have to live with it but incase anyone else has an answer...   Please do not forward me EE articles I have read them all, one person gave up on finding the solution I am just having some hope.
0
Comment
Question by:adom27
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
7 Comments
 
LVL 7

Expert Comment

by:CharliePete00
ID: 17899383
Does this also happen with systems connected from inside your network or just external users?  Is your web server a member of an AD domain?

Pass-through authentication makes use of the netlogon service.

On the client side (basically):

1.  Computer finds a DC and authenticates its computer account
2.  User authenticates to domain
3.  DC issues access token to client and netlogon sevice is started
4.  When client atempts to access domain resource server challenges client for authorization
5.  Client's netlogon service intercepts challenge and passes access token provided by DC
6.  Server validates access token with DC and allows access per permissions/rights sets

Unless both your clients and the web server are authenticated to the domain simple pass-though authentication is not going to work for you.
0
 
LVL 1

Author Comment

by:adom27
ID: 17899547
Thank you CharliePete00.

Yes the webserver is an AD member and it happens inside and outside the network.

So is my assumption correct that there is no way around this issue?
0
 
LVL 7

Accepted Solution

by:
CharliePete00 earned 500 total points
ID: 17899632
You are correct...


...but you said this also happens with users inside the network?  If those users are logged on to the network this should not be happening for them.
0
Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

 
LVL 1

Author Comment

by:adom27
ID: 17899796
I only have basic auth on to force authentication. I do not have intergrated turned on.
0
 
LVL 1

Author Comment

by:adom27
ID: 17899912
So here is another wrench. It acts differently every session. Sometimes it for auth on parent and subfolders. Sometimes is it is only subfolders, sometimes it is only files. It does not happen on other browsers though. Could this be a behavior of web folders?
0
 
LVL 1

Author Comment

by:adom27
ID: 17899917
"It does not happen on other browsers though"

Other then IE, like firefox.
0
 
LVL 1

Author Comment

by:adom27
ID: 17906858
Thank you for the info Charlie, I am going to close and consider this a bug. If any one does have an answer please email me.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question