Last post Oct 01, 2013 11:19 PM by anandps1
Sep 23, 2013 08:29 PM|anandps1|LINK
I have a website and it has SSL encryption enabled for the website. Https is used to access the website. Still one user is complaining that when they try to download the Excel File, they receive this error.
"Access to this Web server is disabled by default. This Web server is controlled by basic authentication, that SSL is not being used. This is why it is disabled". This message is translated from other language into english, so it may be different
what microsoft has provided. The user is using IE9 to access website.
This is a ASP.Net website and is hosted on IIS6. I am not able to reproduce it and none of the other users have reported any issue when they download the excel.
Is there any one who knows what could be the issue?
Sep 24, 2013 10:26 AM|Fuxiang Zhang - MSFT|LINK
Thanks for posting to asp.net forum.
According to your description, I see that the server is configured for Basic authentication.
I think this error is caused by the Microsoft office does not support SSL authentication.
For this issue, Microsoft support has provided a detail introduction and solution.
Melick also come across this problem before and solved it by himself.
Hope this helps, thanks.
Sep 24, 2013 10:39 AM|PatriceSc|LINK
It seems to be an Office message.
Sep 24, 2013 06:09 PM|anandps1|LINK
Thanks for the answer, I looked at it earlier as well, but was not sure if this will fix the issue.
I checked my server. It is not using Basic Authentication. SSL and 128-bit encryption is enabled, and the site can only be accessed using HTTPS.
We have Enable Anonymous Access with userid and password, Integrated Windows Authentication checkboxes checked.
Does this mean its Basic Authentication?
Sep 25, 2013 01:24 AM|Fuxiang Zhang - MSFT|LINK
Thanks for your response.
The Basic authentication method is a widely used industry-standard method for collecting user name and password information.
Basic authentication works as follows:
#If a request requires authentication, the server returns 401 (Unauthorized). The response includes a WWW-Authenticate header,
indicating the server supports Basic authentication.
#The client sends another request, with the client credentials in the Authorization header. The credentials are formatted as the string “name:password”, base64-encoded. The credentials are not encrypted.
For setting web site as Basic authentication.
Sep 25, 2013 03:28 AM|markfitzme|LINK
Basic Authentication, as mentioned, means how the data is passed to the server (this is seperate from the SSL pipe). Other options, such as NTLM, encrypt the password, but non-IE browsers generally don't support it. That was OK back in the day when IE dominated
the landscape, but some proxy servers had issue passing NTLM authentication requests along. The modern landscape though requires basic authentication in order to be truly cross platform.
Try to look through the site's log files to see if you can spot the user's requests. You might find something that surprises you. I've actually had users who complained for weeks about not being able to login only to find that no matter how many times you
verified what they were doing, they were at the wrong website entirely.
Oct 01, 2013 11:19 PM|anandps1|LINK
The fix provided worked. The one user who was facing the issue, installed the fix and there is no issue now.