Last post Aug 08, 2017 06:25 AM by sirberus
Feb 17, 2010 05:24 PM|Stew312|LINK
Good afternoon gentlemen (and ladies). I'm having an IIS issue this week, and while the site in question is classic ASP I'm assuming the same might apply to .NET troubleshooting, so I figured I'd try a post here as this site has enough traffic to possibly
solicit some answers. 8 hours of Google hasn't turned up anything helpful.
The issue: Recently we moved a large website to a new server, and I have been tasked with re-configuring some IIS settings to allow the site to function as it did previously. The site is run on Ektron CMS, which I fear might be related and I don't have
any experience with that system. Anyway, the site is set for anonymous access but we have an admin section set to Basic Authentication for access to those with local accounts. Long story short, we pull back AUTH_USER from the server variables to store in
a database for 'last modified by' reporting. No matter what I do in IIS and NTFS, I haven't been able to receive values in ANY of the following server variables:
..They all show up blank. The admin directory is prompting for username/password, and seems to validate just fine. I do NOT have 'Enable anonymous access' checked, and fooling with 'Integrated' vs. 'Basic' authentication does infact change the prompt message.
Both allow me to login with my local account. Now, why would AUTH_TYPE (and others) not show me any data if the site is authenticating without anonymous access? Maybe the CMS has some conflicts? The Authentication Mode for the site is set to 'Forms', and
I have tried a number of things. I am modifying IIS settings at the 'admin' folder level, and reviewing the properties of the pages in question show me that the settings have propogated properly. An interesting test showed me that:
> Setting 'Deny="?"' (at the admin level) in my web config will forward the user on to the CMS login portion of the website after I login to the admin section. This would tell me that even after a login, some portion of the site still things I am anonymous,
but some part validated enough to satisfy IIS? So the question is, which part thinks I'm anonymous even after I login? Same happens for all users, naturally.
IIS 6, Windows Server 2003 R2, ASP .NET framework 2.0.
Feb 17, 2010 11:28 PM|crajeshbe|LINK
Hi Good day,
Plz try this step :
Here you need to set your security level low in IE8.
1. go to tools menu --> internet options
2. on security teb --> security zone --> set it to medium..
this is the problem of security setting only..
please read this : http://codeigniter.com/forums/viewthread/121637/
Feb 18, 2010 11:07 AM|Stew312|LINK
Thanks for the info. Unfortunately I am running IE7, and modifying the security settings don't show anything progress. I changed my settings to 'Low' and I am still seeing:
..all blanks. hmm.
Feb 19, 2010 09:38 AM|Stew312|LINK
No one has any ideas?
Feb 22, 2010 10:58 AM|Stew312|LINK
Feb 23, 2010 12:48 AM|Gary yang - MSFT|LINK
Now, why would AUTH_TYPE (and others) not show me any data if the site is authenticating without anonymous access?
If you hope the Browser remember the credential for the particular site. I think you should do some configuration on Browser.
Please refer to the following steps:
1. Tools->Internet Options-> Security->Custom Level->User Authentication.
2. You can enable one of the login option that provid by Browser.
Feb 23, 2010 10:40 AM|Stew312|LINK
Thanks Gary. I do have my browser set as 'Automatic Login for Intranet Zone only'.
The issue is that the site was moved to a new server, and immediately no one acting as an admin could complete data edits due to the server variables being blank, so it's not just my browser seeing the issue. Site was working fine, moved servers, AUTH_TYPE,
AUTH_USER and other server variables are not being populated now. No changes to browser settings or code, only the server, which would lead me to believe server settings somewhere are the culprit.
Feb 25, 2010 09:37 AM|Stew312|LINK
Aug 12, 2010 04:21 PM|tad_n|LINK
I had the same issue, and google was useless. For me this was not a browser issue. I had to configure IIS 7 to use NT authentication using add/remove features
then I had to use IIS 7 manager to update authentication
anon authentication disabled
forms authentication disabled
windows authentication enabled
for some reason IIS kept turning anonymous authentication back on as I tried things... Good luck. maybe I'm getting o=ld, but IIS 7 is turning into a major roadblock when moving apps from iis6/5.
Aug 08, 2017 06:25 AM|sirberus|LINK
Jesus tapdancing **** 7 years later and this was the only place I could find an answer to this infuriating question! Many thanks, tad_n, for bothering to post this. Disabling Anonymous Authentication was the trick. IIS 8.5 now.