: -----Original Message----- : From: thelist-bounces at lists.evolt.org [mailto:thelist- : bounces at lists.evolt.org] On Behalf Of Robert Gormley : Sent: Thursday, 19 October 2006 1:51 PM : To: thelist at lists.evolt.org : Subject: Re: [thelist] IIS Directory Security Inheritance : : Started a new IE instance each time. That's not what I asked. Is the unsecured page the first page that you visit in your session, or have you already visited a page that requires username/password? : The folder has NTFS permissions to read. ?!? NTFS permissions for /which/ user or group? : On further investigation, it appears that it is a symptom : of SSL. Allowing unsecured (but authentication controlled as : desired originall) access to the resource works perfectly. : Switch on SSL, and IIS seems to ignore the subdirectory : permissions. I strongly doubt this has anything to do with it. Can you post the relevant IIS logfile entries as well? Cheers Ken : Hrm. : : Rob : : On Thu, 19 Oct 2006 12:30:55 +1000 : "Ken Schaefer" <Ken at adOpenStatic.com> wrote: : > What did you set for the NTFS file permissions? : > : > Did you access a restricted file/folder prior to : >browsing to the anonymous : > file? : > : > THanks : > : > Cheers : > Ken : > : > -- : > My Blog: www.adOpenStatic.com/cs/blogs/ken : > : > : > : -----Original Message----- : > : From: thelist-bounces at lists.evolt.org [mailto:thelist- : > : bounces at lists.evolt.org] On Behalf Of Robert Gormley : > : Sent: Thursday, 19 October 2006 12:02 PM : > : To: thelist at lists.evolt.org : > : Subject: [thelist] IIS Directory Security Inheritance : > : : > : Hi all, : > : : > : Using IIS6, I have a web site that has : >authenticated-only : > : access (Basic) enabled. I want to make one directory : > : authentication-free. No problem, think I - I set it's : > : directory permissions in IIS Manager to enable : >Anonymous, : > : disable Basic, and do the same for file permissions on : >the : > : two files within. : > : : > : No dice. I still get prompted when browing to : > : https://site/blah/ : > : : > : Seems logical, and indeed if I "test" by trying to : >turn : > : off auth at the site level, it tells me that "blah", : > : "blah/file.html" have different permissions, do I : > : override, so it definitely seems right, but it's : > : definitely picking up site permissions and using them. : > : : > : Am I missing something, or do I need to make the site : > : anonymous, and all the root dirs/files authenticated? : > : > -- : > : > * * Please support the community that supports you. * * : > http://evolt.org/help_support_evolt/ : > : >For unsubscribe and other options, including the Tip : >Harvester : > and archives of thelist go to: http://lists.evolt.org : > Workers of the Web, evolt ! : : -- : : * * Please support the community that supports you. * * : http://evolt.org/help_support_evolt/ : : For unsubscribe and other options, including the Tip Harvester : and archives of thelist go to: http://lists.evolt.org : Workers of the Web, evolt !