| Author |
auth_user is lying ?
|
|
|
| trying to achieve windows authentication on the fly (without the file
configured to deny anonymous access in IIS)
i returned a 401 status if the
Request.ServerVariables("auth_user") = ""
this is OK, the 401 status Code returned with additional headers and the
browser performed windows authentication
and the next time i had auth_user correctly.
but after closing the browser and re-opening it and requesting the same page
again, i get the auth_user filled with the old value without the
authentication being done again!
how can this be?
( i use fiddler to see http comunication between client and server)
TIA.
| |
| Bent Kristiansen 2005-10-30, 7:00 pm |
| What is you environment like when you har getting this problems. Do you have
a server you are deploying to?
If you are on your local machine IE will send the auth_user variable to the
IIS because og the web context is "safe". If you are accessing you
application form another computer you might have to add the name of your
server in the Intranet Zone settings on you IE to allow it to send auth_user
to the server.
I hope I understood your problem correct?
--
Bent Kristiansen
bent.kristiansen(AT)bekk.no
"z f" wrote:
> trying to achieve windows authentication on the fly (without the file
> configured to deny anonymous access in IIS)
> i returned a 401 status if the
> Request.ServerVariables("auth_user") = ""
>
> this is OK, the 401 status Code returned with additional headers and the
> browser performed windows authentication
> and the next time i had auth_user correctly.
> but after closing the browser and re-opening it and requesting the same page
> again, i get the auth_user filled with the old value without the
> authentication being done again!
> how can this be?
> ( i use fiddler to see http comunication between client and server)
> TIA.
>
>
>
| |
|
| it's because fiddler re-use sockets if i restart fiddler it's OK.
"Bent Kristiansen" <bent.kristiansen(AT)bekk.no> wrote in message
news:4FF131E4-858B-4847-B172-3DD78B2CD43C@microsoft.com...[color=darkred]
> What is you environment like when you har getting this problems. Do you
> have
> a server you are deploying to?
>
> If you are on your local machine IE will send the auth_user variable to
> the
> IIS because og the web context is "safe". If you are accessing you
> application form another computer you might have to add the name of your
> server in the Intranet Zone settings on you IE to allow it to send
> auth_user
> to the server.
>
> I hope I understood your problem correct?
>
> --
> Bent Kristiansen
> bent.kristiansen(AT)bekk.no
>
>
> "z f" wrote:
>
|
|
|
|