IIS 5 & IIS 6
Users are prompted for authentication dialogue box
Last post Mar 26, 2008 07:14 AM by Rovastar
Mar 23, 2008 12:02 PM|mks007|LINK
We have a problem where users are very intermittently seeing the authentication dialogue box pop-up. The website is running on IIS integrated authentication and app pool has its own identity, for most part everything works fine. Suddenly the user will be
prompted for a user ID and password and even the correct user authentication is provided it doesn't move forward. Finally the user will have to close the browser and open a new window and start all over again. It then works fine.
We have the website running on IIS6 in a two node webfarm with SQL 2k5 doing the session management and a SQL2K5 backend database for the application. The application is compiled in .NET3.5 framework.
Please let me know if you need more information to get me some help here.
Thanks in advance everyone for helping.
Mar 24, 2008 05:47 PM|ma_khan|LINK
What happens when the user enters the credentials? does he receive any access forbidden page or does he get the authentication prompt again and again??
Did you check the event logs for any clues?
Mar 24, 2008 09:40 PM|mks007|LINK
It keeps coming back with the same logon window and after 3 tries it gives the message you are not authorized to view this page.
Same process if tried agains works fine without any pop-ups. No errors in the event log.
Mar 24, 2008 10:16 PM|qbernard|LINK
what is the exact error msgs? also take a look in the iis log file? you got 401.x ? what authentication you using ?
Mar 25, 2008 10:06 AM|ma_khan|LINK
"Client Authentication Process: Unlike Basic authentication, Integrated Windows authentication does not initially prompt for a user name and password. The current Windows user information on the client is used for Integrated Windows authentication. If the
authentication exchange initially fails to authorize the user, Internet Explorer prompts the user for a Windows account user name and password, which it processes using Integrated Windows authentication. Internet Explorer prompts the user for the correct user
name and password up to three times. If, however, the user has logged on to the local computer as a domain user, then no authentication is required when the user accesses a network computer in that domain. "
For more Info you can check this
A couple of more things that you might want to check are:
1. Check if the user has the sufficient NTFS permissions on the content.
2. If you are using anonymous authentication then you can also try syncing the IWAM user.
Mar 25, 2008 02:23 PM|mks007|LINK
As you said above all has been checked and verified. The user authentication is not a problem as even after giving the right user name and password the authentication is not succesful.
The users are logged into there machines using a domain account. Hence integrated authentication works fine.
Its somewhere in between, and my best guess is the connectivity to the DB server, where the problem happens. The issue that I am struggling with is how to verify where the problem is happening.
Mar 26, 2008 07:14 AM|Rovastar|LINK
Do what bernard said
'what is the exact error msgs? also take a look in the iis log file? you got 401.x ? what authentication you using ?'
Investigate the http error codes and subcodes that will give you more insight (they are liek 20 subcode for 401 errors) look a time taken and win32 error status too (shoule be the same equivilant as the httperror status) for any clues.
Compare the time of the errors with the SQL server logs for common ground. There shouldn't be anything in the httperr logs but check at that time just in case.
If still no joy.
If it is a regular occurance turn on the SQL profiler tracing and look at IIS tracing too and run these for a limited amount of tiem when the error occurs?
Is it occuring at high load times? Does it ever occur at low load times? You could be hitting some limit of connections.
Still no joy maybe try running a network traffic monitor program like netmon to see something about what is being bounced about.