Authentication issues
in [IIS]
|
Prev: Sending email via IIS and SMTP without a full qualified hostna
Next: In IE - hide file download dialogue and file verify dialogue
From: APA on 13 Apr 2010 16:29 I have a desktop application that polls a .NET web service. The site is set for Windows Integrated Authentication. In the web log I get one request with a resulting 401.2 error then I get a request with a 401.1 error then I see a successful request with the username (the previous requests had no username in the request). The application does not re-issue the requests itself so I was wondering what was going on. below is sample of what is in the logs. 2010-04-02 00:00:00 W3SVC1 190.132.41.63 POST /desktopalert/AlertService.asmx - 80 - 190.132.20.218 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.50727.1873) 401 2 2148074254 2010-04-02 00:00:00 W3SVC1 190.132.41.63 POST /desktopalert/AlertService.asmx - 80 - 190.132.20.218 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.50727.1873) 401 1 0 2010-04-02 00:00:00 W3SVC1 190.132.41.63 POST /desktopalert/AlertService.asmx - 80 RSSS\CulverJB 190.132.20.218 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.50727.1873) 200 0 0
From: Dan on 14 Apr 2010 04:09
"APA" <buddy.a(a)excite.com> wrote in message news:u9hs3f02KHA.4336(a)TK2MSFTNGP04.phx.gbl... > I have a desktop application that polls a .NET web service. The site is > set for Windows Integrated Authentication. In the web log I get one > request with a resulting 401.2 error then I get a request with a 401.1 > error then I see a successful request with the username (the previous > requests had no username in the request). The application does not > re-issue the requests itself so I was wondering what was going on. below > is sample of what is in the logs. > > > 2010-04-02 00:00:00 W3SVC1 190.132.41.63 POST > /desktopalert/AlertService.asmx - 80 - 190.132.20.218 > Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.50727.1873) > 401 2 2148074254 > > 2010-04-02 00:00:00 W3SVC1 190.132.41.63 POST > /desktopalert/AlertService.asmx - 80 - 190.132.20.218 > Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.50727.1873) > 401 1 0 > > 2010-04-02 00:00:00 W3SVC1 190.132.41.63 POST > /desktopalert/AlertService.asmx - 80 RSSS\CulverJB 190.132.20.218 > Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+2.0.50727.1873) > 200 0 0 This is perfectly normal logging for an authenticated request. From what I remember (and I may be wrong here so don't quote me on it), with any request using the Wininet API (which will be used by pretty much all Windows networking applications) even an authenticated request is first tried without authentication. So you get the following: Client sends request without authentication, resulting in the 401.2 entry in the log. IIS sends back a WWW-Authenticate header with a list of authentication options. Client sends request with NTLM hash set to something random, because there's no server token at this point, resulting in the 401.1 log entry. IIS sends back a NTLM token. Client uses the NTLM token to hash the login credentials and sends the request to IIS, and you get the 200 entry because the login credentials are accepted. IIS returns the requested content. There's nothing wrong with your application, and the IIS log entries are just the normal authentication negotiation results. -- Dan |