Our application is configured to use Forms Authentication, and on most machines it is working great. However, I am having a problem with the development environment on one of our developer workstations. When I go to one of the URLs of the application, like this:
IIS prompts me for a password, like this:
(The name iweb.local
is set up in the hosts file to point to 127.0.0.1. Essentially it is an alias for localhost. We configure the IIS site to use a host header so we can potentially support more than one application in the future.)
I am not prompted for a password if I go to most other URLs in the application, such as http://iweb.local/ . And I am not prompted for a password anywhere using the exact same code base on any other developer machine. It is only this one machine that is having the problem. This leads me to be reasonably confident that this isn't a problem with the coding.
Things I have tried:
~/Areas/Reports
into ~/Areas/ReportsTest
, with the appropriate refactors, and loading http://iweb.local/reportstest/
. That works; the browser no longer prompts for a username and password. However, changing the URL is not an option for our application. http://iweb.local
), but it does not log anything for any requests that prompt the user to enter a password. http://iweb.local/reports
has two options for WWW-Authenticate
: Negotiate
and NTLM
. From this, I have confirmed that IIS is directing the browser to prompt for a password. But I'm no closer to understanding why. http://iweb.local
or http://iweb.local/reports/
were responding to requests. Neither were, confirming that it is IIS that is handling the requests. I am out of ideas. I cannot find anything on this one developer box that isn't configured the same as the other developer boxes.
So: Does anyone know a way to enable a deeper level of logging or tracing to figure out why IIS is asking for a password? Can anyone think of anything that may be causing this that I haven't already looked for?
This is an ASP.NET MVC 3 application running on IIS 7.5 in a 64-bit environment. The reports
portion of the URL is configured as an MVC Area.
UPDATE
In my Web.config file, this is how the authentication mode is set up on the offending machine.
<authentication mode="Forms">
<forms loginUrl="~/account/login" timeout="2880" />
</authentication>
There is no <authentication>
element in the Web.config file for the Reports area.
If there is a folder in the application named "Reports" and SQL Server Reporting Services are installed on the server, then Reporting Services Virtual Directory folder that is also named "Reports" will be in conflict with the application "Reports" folder. To fix this open Reporting Services Configuration Manager (Start->All Programs->MS SQL Server->Configuraton Tools-> Reporting Services Configuration Manager) and change the Virtual Directory from "Reports" to any other name ("TestReports") under the "Report Manager URL" in the menu on the left.
This will solve the IIS authentication issue
Use fiddler or the dev tools in IE9 to watch the request. This will then show what in the header is causing the pop-up. It could be basic auth, or NT auth where the browser is unable to fulfil the request. As it's localised to the one machine, check IIS is configured to be anonymous only & check the permissions on the file being requested.
In the Location bar, type about:config, and press Enter.
The about:config "This might void your warranty!" warning page may appear. Click I'll be careful, I promise!, to continue to the about:config page.
In the about:config page, search for the preference network.automatic-ntlm-auth.trusted-uris, and double-click on it. In the prompt that comes up, type a list of server you want to allow, separated by a comma and a space. For example, if you wanted to allow http://myinternalserver and http://anotherinternalserver , you would type in myinternalserver, anotherinternalserver. Press OK.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.