Solved

IIS Authentication Issue

Posted on 2014-01-31
8
199 Views
Last Modified: 2014-02-06
I have an IIS7 Web site that uses a couple of 3rd party DLL's to genereate barcode images and then renders the page into a PDF, everything works perfectly when I set the site authentication to 'Annonymous'

However, When I set it to 'Windows Authentication' none of the styles/fonts etc.. render properly in the PDF, although the CSS is rendering correctly on other pages in the same site.

I have tried changing the security on the physical directory to full control for everyone (I know, not desired but this is an internal dev server) just to see if that fixes the issue but it does not

Any ideas?
0
Comment
Question by:BrianFord
  • 4
  • 3
8 Comments
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 39826016
Add the app-pool user to the allowed list
0
 
LVL 77

Expert Comment

by:arnold
ID: 39826244
The issue is likely the locations.
i.e. are all the relevant data within the same location or do you have
non-anonymous access site.com/thisdirectory
while the data rendering is in site.com/someotherdirectory
0
 

Author Comment

by:BrianFord
ID: 39826248
All the data is on the same site, the app pool user is an admin with full access to the server

I'm not sure which allow list you mean?
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 

Author Comment

by:BrianFord
ID: 39826328
I just checked the .NET Authorization Rules and access is allowed for ALL users
0
 
LVL 77

Expert Comment

by:arnold
ID: 39826382
Does access to the entire site require authentication? which options do you have enabled: NTLM/integrated, plain text, digest?

Or do you have auth requirement at a specific point i.e. access to a specific section requires authentication.

One intriguing situation, you're using a .NET application but the authentication you are relegating to the IIS.  Since you are creating a custom web app, why not build into it user authentication as well such that you can then have a more granular control over what resources/functions a user or groups of users can access, etc.

Does your .NET application ever use a HTTP.request object?  Do you have within it a check whether it is "prompted" for authorization by IIS and that is where your issue lies?

i.e. you are using AJAX, JTOn, similar query back to IIS?
0
 

Author Comment

by:BrianFord
ID: 39826823
I have to admit at this point to being totally lost:

I have a Sandbox web site and the Production Web site, both are running on the same server, and both are using the same Application Pool, just different ports and home directories

When I publish to the Sandbox which has both Annon and Windows Auth enabled (the rest are disabled) it works perfectly.

When I publish to production it doesn't work, I have checked all settings for both sites and directory security and unless I'm missing something (which I must be) they both look to be configured exactly the same.

I was considering doing what you suggest and building the security into the pages, which I may end up doing but that would be more work than I really have time for at the moment, although you could argue it would be quicker than trying to resolve this problem but I don't like to beaten :)

I'm using a basic "Request.QueryString" to grab a couple of values from the URL, and I have an HttpHandler defined in the web.config for the 3rd party DLL:

<!-- For Barcode rendering-->
          <handlers>
              <add verb="*" path="BarcodeHandler.aspx" type="Bytescout.BarCode.BarcodeHandler" name="BarcodeHandler"/>
          </handlers>
          
      </system.webServer>
    <system.web>
      
      <!-- For Barcode Rendering -->
      <httpHandlers>
          <add verb="*" path="BarcodeHandler.aspx" type="Bytescout.BarCode.BarcodeHandler, Bytescout.BarCode"/> 
      </httpHandlers>

Open in new window


Other than it's a pretty small basic ASPX site.
0
 
LVL 77

Accepted Solution

by:
arnold earned 500 total points
ID: 39827228
Double check whether you explicitly set ports that differ on production thus preventing access.
0
 

Author Closing Comment

by:BrianFord
ID: 39839983
Thank you for all your input, I eventually created a whole new site (same server) deployed my app to it and everyting is wotking fine, never really got to teh root issue but at least it's working...... for now :)
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question