problem with special characters in password

[Rolf Barbakken]

We have a case where users who are encouraged to have good passwords with
norwegian characters and other special characters cannot login to a ASP.NET
1.0 app.

This problem is discussed in the following article from MSKB:
http://www.kbalertz.com/kb_835388.aspx

Do you know if this problem is fixed in later versions of the framework?
I.e. servicepacks, 1.1 or 2.0.

Thanks.

 

[Joe Kaplan \(MVP - ADSI\)]

What type of authentication is being used, Forms or Windows? If Windows, is
it Basic, Digest or IWA?

Joe K.

 

[Rolf Barbakken]

Windows auth. and IWA (Integrated Windows Auth)

 

[Joe Kaplan \(MVP - ADSI\)]

For IWA, this should be a pure Windows issue, not a .NET issue. The Kbase
article you referred to was discussing Basic authentication.

I have no idea why IWA would not work with non-ASCII characters as Windows
is supposed to have full unicode password support.

When you are using IWA, are users actually being prompted for passwords?
Typically they are not because their current login to the domain is used for
the authentication.

Joe K.

 

[Rolf Barbakken]

Yes they are prompted for username/password.

 

[Joe Kaplan \(MVP - ADSI\)]

Do you know why they are prompted? Are the not logged in to the domain or
something?

In any case, this would not be a .NET issue. It would have to be an IIS or
Windows issue. .NET does not really know or care how the user's logon token
was generated by IIS.

Joe K.

 

[Rolf Barbakken]

Do you know of any such issue with IIS/Windows?

 

[Joe Kaplan \(MVP - ADSI\)]

Not specifically, no, but that doesn't mean it isn't there. You could do a
simple test on an IWA site that just has some static HTML pages or other
things served directly by IIS.

Joe K.

 

[Rolf Barbakken]

Good idea. I will try that.

Thanks, Joe.

Not specifically, no, but that doesn't mean it isn't there. You could do
a simple test on an IWA site that just has some static HTML pages or other
things served directly by IIS.

Joe K.