[thelist] IIS Directory Security Inheritance
Robert Gormley
robert at pennyonthesidewalk.com
Wed Oct 18 22:50:48 CDT 2006
Started a new IE instance each time. The folder has NTFS
permissions to read.
On further investigation, it appears that it is a symptom
of SSL.
Allowing unsecured (but authentication controlled as
desired originall) access to the resource works perfectly.
Switch on SSL, and IIS seems to ignore the subdirectory
permissions.
Hrm.
Rob
On Thu, 19 Oct 2006 12:30:55 +1000
"Ken Schaefer" <Ken at adOpenStatic.com> wrote:
> What did you set for the NTFS file permissions?
>
> Did you access a restricted file/folder prior to
>browsing to the anonymous
> file?
>
> THanks
>
> Cheers
> Ken
>
> --
> My Blog: www.adOpenStatic.com/cs/blogs/ken
>
>
> : -----Original Message-----
> : From: thelist-bounces at lists.evolt.org [mailto:thelist-
> : bounces at lists.evolt.org] On Behalf Of Robert Gormley
> : Sent: Thursday, 19 October 2006 12:02 PM
> : To: thelist at lists.evolt.org
> : Subject: [thelist] IIS Directory Security Inheritance
> :
> : Hi all,
> :
> : Using IIS6, I have a web site that has
>authenticated-only
> : access (Basic) enabled. I want to make one directory
> : authentication-free. No problem, think I - I set it's
> : directory permissions in IIS Manager to enable
>Anonymous,
> : disable Basic, and do the same for file permissions on
>the
> : two files within.
> :
> : No dice. I still get prompted when browing to
> : https://site/blah/
> :
> : Seems logical, and indeed if I "test" by trying to
>turn
> : off auth at the site level, it tells me that "blah",
> : "blah/file.html" have different permissions, do I
> : override, so it definitely seems right, but it's
> : definitely picking up site permissions and using them.
> :
> : Am I missing something, or do I need to make the site
> : anonymous, and all the root dirs/files authenticated?
>
> --
>
> * * Please support the community that supports you. * *
> http://evolt.org/help_support_evolt/
>
>For unsubscribe and other options, including the Tip
>Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
More information about the thelist
mailing list