ISX playlists and web securityRSS

3 replies

Last post Mar 22, 2014 01:32 PM by kolvadw

  • ISX playlists and web security

    Mar 20, 2014 09:58 AM|kolvadw|LINK

    As mentioned previously I am using IIS media services to serve up mp3 files for a whole house automation web site.  I've run into a bit of a problem.  As long as I have the web site set for annonymous access it all works file.  If I switch it to either Basic or NTLM authentication the site not only prompts for the first page (as expected), but also prompts for credentials for each song in the .ISX file.  This can't be the expected behavior...  It's not a permissions issue as all files have access set for the users group and all users are members of that too.  (plus it all works as annonymous).  I keep entering the same username and password and it goes on to the next song...

    Any idea what is causing this and how to fix it?

  • Rovastar Rovastar

    5486 Posts

    MVP

    Moderator

    Re: ISX playlists and web security

    Mar 20, 2014 10:22 AM|Rovastar|LINK

    Are you going through reverse roxies or network kit like load balancers?

    Does administrator account do this?

    Does it work locally?

    Troubleshoot IIS in style
    https://www.leansentry.com/
  • Re: ISX playlists and web security

    Mar 20, 2014 05:19 PM|kolvadw|LINK

    This is a pretty simple home setup there is only the one server.  From the Internet is sits behind a little cisco router.  But the behavior is the same whether I use the Internet name or internal IP for the server.  The behavior is also the same whether I use a regular user account or an account in the admin group.  Under annonymous everything works fine and no prompts.  All files accessible.  I go into IIS manager switch to basic, stop and restart the site and from then on ever song in the .isx file prompts for a username and password.  The initial prompt for the site looks like a Windows prompt and shows my cached username and password.  Once I access a playlist a different plain black and white prompt comes up for each song saying the site uses basic authentication which may not be secure.  Each time I use the cached credentials and click login the next song plays.

    There doesn't appear to be any events logged on the server during this behavior.

    Hope that helps...

  • Re: ISX playlists and web security

    Mar 22, 2014 01:32 PM|kolvadw|LINK

    Ok, while not "answered" I did find a workaround.  I moved the .isx files to a separate annonymous web site and tighted down the security on the calling site that has the home control content.  That way the home control links are secure, but whenever someone selects an album to play the call goes to an IIS playlist on the annonymous site.