Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 816
  • Last Modified:

WebDAV authentication

There may be no answer for this one but I am giving it one last shot. I have configured WebDAV on IIS 6 so users can access home drives from outside our organization. I removed all authentication but Basic (using SSL) and added our domain (I do not have anonymous log on for the server or any virtuals). On the virtual directories I have checked "Always use the authenticated user's credentials when...." along with Read, Write and Dir Browsing. ACL's are set to give the users modify (even tried full control). I created a simple page that the user clicks a link to open the page. So here is what happens:

go to site - user is asked for authentication
user clicks on link - user is asked for authentications again
user clicks on a document - user is asked for autentication again

I would think that with the virtuals set to pass on the credentials we should not see this. I have tried to set the IE web browser to "Automatic logon with users logon and password". I have tried removing the domain from Basic auth. I have tried domain\user for logon. I have verified the server variables (username and password) are on the server correctly. It seems to be unfixable at this point and may have to live with it but incase anyone else has an answer...   Please do not forward me EE articles I have read them all, one person gave up on finding the solution I am just having some hope.
0
adom27
Asked:
adom27
  • 5
  • 2
1 Solution
 
CharliePete00Commented:
Does this also happen with systems connected from inside your network or just external users?  Is your web server a member of an AD domain?

Pass-through authentication makes use of the netlogon service.

On the client side (basically):

1.  Computer finds a DC and authenticates its computer account
2.  User authenticates to domain
3.  DC issues access token to client and netlogon sevice is started
4.  When client atempts to access domain resource server challenges client for authorization
5.  Client's netlogon service intercepts challenge and passes access token provided by DC
6.  Server validates access token with DC and allows access per permissions/rights sets

Unless both your clients and the web server are authenticated to the domain simple pass-though authentication is not going to work for you.
0
 
adom27Author Commented:
Thank you CharliePete00.

Yes the webserver is an AD member and it happens inside and outside the network.

So is my assumption correct that there is no way around this issue?
0
 
CharliePete00Commented:
You are correct...


...but you said this also happens with users inside the network?  If those users are logged on to the network this should not be happening for them.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
adom27Author Commented:
I only have basic auth on to force authentication. I do not have intergrated turned on.
0
 
adom27Author Commented:
So here is another wrench. It acts differently every session. Sometimes it for auth on parent and subfolders. Sometimes is it is only subfolders, sometimes it is only files. It does not happen on other browsers though. Could this be a behavior of web folders?
0
 
adom27Author Commented:
"It does not happen on other browsers though"

Other then IE, like firefox.
0
 
adom27Author Commented:
Thank you for the info Charlie, I am going to close and consider this a bug. If any one does have an answer please email me.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now