Windows Authentication in ASP.NET 2.0

  • Thread starter Thread starter lgalusha
  • Start date Start date
L

lgalusha

We creating intranet web pages which run under ASP.NET and IIS 6.

We don't want the user to have to type a password so we are using Windows
Authentication.

The web.config file has the following set:

<authentication mode="Windows"/>
<identity impersonate="true"/>

In IIS, the only item checked under the Authentication Methods parameters is
"Integrated Windows Authentication".

We have set the NTFS permissions on each folder that contains a web app so
that the NTFS permissions determine who gets access to each app.

We have also set our internal domain via group policy to be a trusted domain
in IE so that we don't run in to any problems because IE thinks our apps are
internet sites.

We seem to have everything set correctly and users can get on and use the
apps just fine. However several times a week users start getting prompted
for credentials and no matter what they type the credentials are not
accepted. If we do an IISReset on the offending server the problem
disappears for a few days.

Any ideas?
 
Hi lgalusha,

From your description, you have an ASP.NET 2.0 application configured as
windows authentication(impersonate) and hosted in IIS6, it works well, but
will always start asking client for login credentials after a week, correct?

Based on my experience, such problem is possibly caused by following
problems:

1. security permission, when the user visit a page, that page may also link
to some other resources(such as image, css sheet, .......), and if such
linked resource deny the access of the current user, IIS will also return
error and let browser prompt for new credentials. You can check whether it
is always when a particular page is visited when the problem occur, or it
randomly occur on different page (which may work some time but not other
time).

2. When ASP.NET's worker process recycle, there will also occur such
behavior as the security context of the running process(worker threads in
it) or new started one are inconsistent. For this case, you can check the
server's application event log to see whether there is any entry indicate
that the ASP.NET worker process is recycled.

In addition, you can try creating simplified application with less page and
code logic to repro the problem, this can help simplify our troubleshooting
in a development environment.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead



==================================================

Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.



Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.

==================================================



This posting is provided "AS IS" with no warranties, and confers no rights.
 
Back
Top