IIS 6 authentication problem from iPad mobile Safari browser
Posted on 2010-09-02
I have an intranet site running on SBS 2003. Authentication used is IWA. The site also has a public IP assigned to it so users can connect over the internet by providing their usernames and passwords when prompted. The problem we are seeing is when a user tries to connect to the site via iPad mobile Safari. The user is intermittently prompted to enter credentials repeatedly even though authentication has already been successfully completed. The frequency of the prompts is fairly random, sometimes allowing them to use the site uninterrupted for 15-20 minutes and other times prompting at nearly every request to the server. This is obviously very frustrating.
I have already tried a few things but nothing seems to be working. I tried updating the value of AuthPersistSingleRequest to false so that the authentication would not be required with every single request. I tried enabling Basic Authentication (over SSL) because I'd read that there might be issues with the NTLM handshake. I'm not sure exactly what is the problem here.
Looking at the IIS 6 logs I do see a number of 401 errors logged, but strangely these get logged even when the requests are successful. I imagine that has to do with there being an attempt to authenticate anonymously first before passing the credentials. I usually in these cases see a 401.2 followed by a 401.1 and then a 200 status code.
I would like to leave IWA enabled if possible because the users on the LAN should not need to prompted for credentials when they are already logged in to the domain. Any suggestions or referrals to resources on this matter would be greatly appreciated.