[thelist] asp.net NTLM authentication fails on postback?
Ken Schaefer
Ken at adOpenStatic.com
Wed Jun 8 19:04:28 CDT 2005
My guess: there's client issue here. I don't think it has anything to do with
Active Directory.
I've numbered the requests you posted:
Request 1:
: 2005-06-08 13:31:39 10.10.207.66 GET /ChangeAuditList.aspx - 80
: LANDAM\vahqgs7 10.12.2.36
: Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
: 200 0 0
Request 2:
: 2005-06-08 13:31:47 10.10.207.66 POST /ChangeAuditList.aspx - 80 -
: 10.12.2.36
: Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
: 401 1 0
Request 3:
: 2005-06-08 13:31:47 10.10.207.66 POST /ChangeAuditList.aspx - 80
: LANDAM\vahqgs7 10.12.2.36
: Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
: 400 0 0
Request 4:
: 2005-06-08 13:31:47 10.10.207.66 POST /ChangeAuditList.aspx - 80 -
: 10.12.2.36
: Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
: 401 1 2148074248
Request 5:
: 2005-06-08 13:31:49 10.10.207.66 POST /PendingRequests.aspx - 80 -
: 10.12.2.22
: Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
: 401 1 0
Request 1 - successful GET (as expected)
Request 2 - anonymous post request. No credentials are being passed. IIS
responds with a 401 (as expected)
Request 3 - client sends another request, with authentication data. IIS
responds with 400 - Bad Request. There is something malformed about this
request. You can have a look in httperr.log to get some idea of why IIS might
be rejecting the request.
Request 4 - Another anonymous request, which is once again rejected by IIS
with a 401 (authentication required).
Request 5 - This is a request for some other page (PendingRequests.aspx) and
so I'm not sure if it's relevant to the other requests shown here.
So, I think we have a client issue here. Either the client has some software
installed on it that's doing something to the request -or- there is some
software (e.g. proxy) between client and server that's doing something to the
request -or- the client may be using a buggy browser (maybe check to see if
there are any updates available).
Otherwise, use a network sniffer (e.g. ethereal) to get a capture of the
request that IIS is rejecting as a bad request (400). That's the 2nd POST
request above, and post it for analysis.
Cheers
Ken
--
IIS Stuff: www.adOpenStatic.com/cs/blogs/ken/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
: From: thelist-bounces at lists.evolt.org [mailto:thelist-
: bounces at lists.evolt.org] On Behalf Of Scott Dexter
: Subject: RE: [thelist] asp.net NTLM authentication fails on postback?
:
: Here are log entries surrounding one of the failures...
:
: >
: > Is this an IIS 6 box? Can you please post the corresponding log
: > file entries?
:
: 2005-06-08 13:31:39 10.10.207.66 GET /ChangeAuditList.aspx - 80
: LANDAM\vahqgs7 10.12.2.36
: Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
: 200 0 0
: 2005-06-08 13:31:47 10.10.207.66 POST /ChangeAuditList.aspx - 80 -
: 10.12.2.36
: Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
: 401 1 0
: 2005-06-08 13:31:47 10.10.207.66 POST /ChangeAuditList.aspx - 80
: LANDAM\vahqgs7 10.12.2.36
: Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
: 400 0 0
: 2005-06-08 13:31:47 10.10.207.66 POST /ChangeAuditList.aspx - 80 -
: 10.12.2.36
: Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
: 401 1 2148074248
: 2005-06-08 13:31:49 10.10.207.66 POST /PendingRequests.aspx - 80 -
: 10.12.2.22
: Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)
: 401 1 0
:
: Thanks Ken, I appreciate your time (it has *everyone* stumped over
: here)
: sgd
: --
:
: * * Please support the community that supports you. * *
: http://evolt.org/help_support_evolt/
:
: For unsubscribe and other options, including the Tip Harvester
: and archives of thelist go to: http://lists.evolt.org
: Workers of the Web, evolt !
More information about the thelist
mailing list