If you wish to track users via authentication from a website, make sure that
Anonymous access is DISABLED. Browsers default to anonymous access, meaning
if you have it enabled on the website, it is impossible to display
customized content by user identity since everyone will show up as
"anonymous".
Furthermore, browsers can be configured to "auto-authenticate" to a website
depending on the Security Zone of the website, as configured on the client
browser. This will affect whether you will see a login popup window or not
when you browse to this website.
As for allowing the "office chart applet to run" on the user's browser, that
is totally a client browser configuration. The issue is that your web page
is asking the web browser to run the chart applet in the browser, which is a
privileged operation (namely, the browser doesn't know the difference
between a "chart applet" program and a "hacker program", so for safety
reasons you need to tell the browser it's ok to allow it to run -- adding
the website to "Trusted" is one way to do this). Obviously, this has
NOTHING to do with authentication on the server as this a client-side
configuration.
FYI: adding websites to "Intranet" or "Trusted" group is not going to solve
this problem. Namely, just because a browser "trusts" a website, it does
not mean it's going to authenticate to it (browsers do not authenticate to
websites unless forced to). You need to configure the server to force
authentication. You may choose to force the user to have to login as well.
Thus, this is more a user configuration issue and not a problem with IIS6.
Security requires customization, and users are responsible for configuring
it to their satisfaction.
--
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Natalia" <natalia.TakeThisOut@natuscape.com> wrote in message
news:0a2701c3daab$1062f790$a501280a@phx.gbl...
Hi Jeff,
Actually, Integrated Authentication IS enabled, and this
worked fine with Windows 2000. I have tried adding the
website to a user's Intranet group, but that didn't fix
the problem; also I need to have the website in the
Trusted group for an office chart applet used in some
database applications.
Any other thoughts on what could be happening here? Is
there some special/new setting in the permissions that we
might have overlooked?
Thanks!!
Natalia
>-----Original Message-----
>On Tue, 13 Jan 2004 11:51:13 -0800, "Natalia"
<natalia.TakeThisOut@natuscape.com>
>wrote:
>
>>I have sort of the same problem, but in my case I want
>>users to be identified by the website (an intranet)
using
>>integrated authentication. The anonymous thing works,
but
>>I need to track them so I can give them user-specific
>>content and can control access to restricted areas. This
>>worked perfectly on Win2000 with IIS5. Why doesn't it
work
>>now??
>
>Okay, I'll reverse my response to the previous poster.
Have you
>enabled authentication in the web site? Specifically,
Windows
>Integrated, and make sure that the intranet domain is
either the same
>as the user's domain or in the intranet zone in IE's
security tab.
>
>IE will pass the credentials transparently, so you *may*
be
>authenticating and not know. Try:
>
><% Response.Write Request.ServerVariables("LOGON_USER") %>
>
>Jeff
>
>>>-----Original Message-----
>>>On Tue, 13 Jan 2004 10:30:45 -0800, "ks"
>>><anonymous.TakeThisOut@discussions.microsoft.com> wrote:
>>>
>>>>I have two problems with my 2003 server...I have
>>recently
>>>>upgraded to win 2003 from w2k server...I didn't have
any
>>>>problems upgrading it...my website was working
>>fine...then
>>>>i installed some critical updates and a partition
>>software
>>>>(Acronis partition Expert)..rebooted the
machine...since
>>>>then my website (which was enabled for anonymous
access)
>>>>is asking for username and password...I went thru all
>>>>ACLs ...changed them to all possible
combinations...but
>>it
>>>>was still asking for username and password to our
>>website
>>>>users...then i decided to restore previous system
state
>>>>from my backup tape...it complained about Active
>>Directory
>>>>running...then I rebooted the machine ...to my
surprise
>>I
>>>>could not see "Advanced Startup options" (with F8 key
at
>>>>the reboot)....Can any one please help me...It's very
>>>>critical for me to get the website up with anonymous
>>>>access....
>>>
>>>Have you simply enabled anonymous access and removed
>>authentication
>>>for the site in question? Web site Properties ->
>>Directory Security
>>>-> Authentication and check Anonymous Access. make
sure
>>the anonymous
>>>user, normally the IUSR account, has at least read
>>permission to the
>>>web folders and you should be good to go.
>>>
>>>Jeff
>>>.
>>>
>
>.
><!-- ~MESSAGE_AFTER~ -->
>> Stay informed about: Windows 2003 & IIS 6.0 problems 
FAQ
Search
Profile
Private Messages
Log in/Register/Password
