Tutorial :IE7 with Integrated Security is asking for credentals, but Firefox does not any idea why?



Question:

We have a web-site configured for Integrated Security in IIS on the W2003 Server. When we attempt to connect using IE it is asking us for Network credentials. If we supply those credentials we get an Access Denied.

If we configure Firefox to allow that web-site as a trusted URI, we can connect and use the site without any problems.

Does anyone have a clue as to what is going on, or what I could do to resolve this. I've spent most of the morning trying to resolve this and have come up against a brick wall.

The site is on the local intranet, I've setup the server in the local internet zone in IE, but that still does not make a difference. We do have a proxy server but IE is configured to bypass that for local addresses.

Kind Regards Noel


Solution:1

Make sure that the site is in a trusted area that allows the forwarding of credentials. Also, make sure that the user that is trying to access the site has been given access through IIS and / or defined in your web.config

In the security area of your Local Intranet Zone make sure that the option to forward your Windows credentials is checked (I don't believe that it is natively)


Solution:2

Ah, this sounds familiar. This sounds just like an issue we've been having with our SharePoint server -- Firefox would get redirected to the login and work like a charm, but IE would get challenged and fail.

SharePoint, Office Live Add-in and 403 Forbidden

Since you didn't mention SharePoint here, I'm guessing that's not the server-side product involved, but it sounds like a very similar problem (and I see the problematic office headers in the request you posted). Do you have this problem from another machine with IE 7 but not that "Office Live Add-in"? Maybe your server app is doing similar checking for Office that SharePoint does.


Solution:3

Thanks for all the replies, we eventually tracked this down to a WinHttp proxy services that was running on the server. For some reason it was interfering with IE requests but not with Firefox. Once we disabled it everything worked fine. The service was called

WinHTTP Web Proxy Auto-Discovery Service


Solution:4

IE will not always detect local addresses correctly. Try turning off the proxy for testing.

If it works add the server name to the "Do not use..." proxy settings.


Solution:5

Have you tried to use a tool like Fiddler or Wireshark to see what's really flowing between the client and the server? Maybe Firefox has saved credentials or the server is sending an authentication header that Firefox understands but IE doesn't.

If you could, post the headers the client sends and the server responds with for both -- the answer is likely in them.


Solution:6

Here's the IE/FireFox Request/Response traffic. Thanks for offer of to examine them.

Regards Noel.

IE Request/Responses - Up To Networks Credentials Dialogue.  =================================================================  GET /tp2v3.administration.website/default.aspx HTTP/1.1  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/xaml+xml, application/vnd.ms-xpsdocument, application/x-ms-xbap, application/x-ms-application, application/x-silverlight, */*  Accept-Language: en-ie  UA-CPU: x86  Accept-Encoding: gzip, deflate  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)  Host: r1-08-qa  Connection: Keep-Alive                HTTP/1.1 401 Unauthorized              Content-Length: 83              Content-Type: text/html              Server: Microsoft-IIS/6.0              WWW-Authenticate: Negotiate              WWW-Authenticate: NTLM              X-Powered-By: ASP.NET              Date: Wed, 22 Apr 2009 12:58:16 GMT              Proxy-Support: Session-Based-Authentication                <html><head><title>Error</title></head><body>Error: Access is Denied.</body></html>    GET /tp2v3.administration.website/default.aspx HTTP/1.1  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/xaml+xml, application/vnd.ms-xpsdocument, application/x-ms-xbap, application/x-ms-application, application/x-silverlight, */*  Accept-Language: en-ie  UA-CPU: x86  Accept-Encoding: gzip, deflate  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)  Authorization: Negotiate YIIKQAYGKwYBBQUCoIIKNDCCCjCgJDAiBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKwYBBAGCNwICCqKCCgYEggoCYIIJ/gYJKoZIhvcSAQICAQBuggntMIIJ6aADAgEFoQMCAQ6iBwMFACAAAACjggP9YYID+TCCA/WgAwIBBaEMGwpaQVJJT04uQ09NohswGaADAgECoRIwEBsESFRUUBsIcjEtMDgtcWGjggPBMIIDvaADAgEXoQMCATCiggOvBIIDq7C1jE6W4jMUYtnsMU9AWzIpvK5HReolYjn/P+j7d8LFRa0dpuNfYL2K/g6MBsP7CchH86C0GclXEIvZjxvX9mM9O3W9pZOoVQwsP/UTSe4Y19rZSDbMU3e7vhJy5jK8BYhRknncQ8aAKj3mQXLeQs5a7C3P6gZ8sJYgcvC29CTmjgV3BEMutrq0Z/6qmiB7pe6hB4RatCNSo2u9hmwR+prRmoV1fx4nd4q8QiQ9X3mfY3NbU4KIAoeTsEHV4vjHiLRx3SNuHaU5ug5PhOYCfF4ZAZLUy8Dy1q3I1+VRrrAlofJNKK8nG6KDwOKmE5mUSO2IPg3TlOrzJS4+qfMU7F1HFMs1naB7cC7fm976EM6CBchnTue3aLMlwsy+KrMmfjocxmHViCrKrrEADHj2aDkbzNy/wwdlqH58Jh5iLPhWwy9B/vLxmLl9s49AJ290KtoBNnrYMYr8pHI5r6JCz5nzcQfsyPA6I2uMUdugNCQGlHkZ1eNyJB81hNbEIxm5mplwsLJqoUYbkBtgThkomiA40CxUYT88bU/CL5O1uZqw+adBgh1+j8E8pg1XGKXX/xzdwYLLehSCgsU0/qlzDRU/vWC/RuaD2M+N3fBygSWaYq9M9gQwHzwoGaIm1j35W33DxUyg7XP9TOUFdw6HZNl6oaXDvBhgdSpRJXKdVbdPn7iUdNHWlw+GYAW75hKoS6zG4ZHyEtd/GiprooXh77WXLlCPO8GRJ+yfC1UPk7DB+hopVGV/a+Ipij6G2ZKqUt90L+nmAp731Sv+hkofudoxRrK6rmCnaqvy9OeKGezczKaWgYCp84TS0i84G8Xoa405AVOJIEvc7H8kUREAjD9H1ALAFv9Rm+4RUmsSB5bbkzf+q0RFtZpmJLnTsrPAQHI6dIcqL2DIIUk+8Lim7MXHvkl85wutcWl8DPt7PIs60p9iPZrLnznocf4N8tuEmBWomA9ELSGIwcyEH54qKg/0VREAKov5OwHe2QL0XcNg3l/cgOtvIygm3WsUgT5ECtHCl3+B40cu6EqOaGosc0e9iQE8SCi48VSZ5Z7EFFFHHFEKJCU7pF4IHTEfzbyAsFWt7MuywUmQ2KvUyMvSrM2/gBw02xcUX3Zlh5x7VxPH3WuYJenOJmQhUgsngvZgFvuDE1dBU601Klvr9Vb8wlpp27xHYS41bSfenww/3jlscIx7fu+uqiVNtAt/k83bb6yf5oKTykB5emsEqwTH4d3R6jfFA2cGx8VmIaSCBdEwggXNoAMCAReiggXEBIIFwH3aJUOOhnAvIFPRvPD3GEcFtKV35K9yhV6dZARcKIOdB2LtDhpAuVJP+qI8IO5NTkWGFRs2sKOiaylajmwJhxNBYSfDlYT/3uHtikblK3EMo4M5+Pg9w7GqnyCEOeIxfk5uu2PeGpbYRFJ2MblVcNDWnQYFlfE/Av3nnMAHljfKWpjrHfOobdovxVO8/e82+z0e8DkHQB5w1QZojhuqaez/1qprKeYDXJrABmnx515x9D7RC8JbULr6JK1umUwT/M2yJM9mfllWp4lmPhEmfWqGAFi9rgTO0TQ6/KzmI0KFgokdZwUpXEeTSCgkYYPP9kCZxSxFnUwxLyvft3CPwaFkuS/h8Nq4agnAmldYjtJ3pp/UdY53C9QxoE5Yv+PwfTJBNlDK1Yi01hUKhuKYkVVe06W/E6sXy/p3LQVgT8OipxDGRLK9alAijs2P4kKu3yrKJKxJdAzA1+8GeoTALCI3OMFTrZsaN2K+elJ6Pg2IM/ubuhyhQhl2urEMvAfROEShsuM6FOOWjmy7QoO/sMfjeY+k+XWJEVjJAM9b66zNqGtItLo4lJMgWPR4FNU4b6ihT/qCi6R6HgnfVJumIdj0pm4vZ5nLlSgU/QVVP9M94F+cb+b7b9r3x6ZJhxTcg0z8g1+ytbNIyGZ83gnfAsANnaiWFq5dL8Ize84RvFzWbLWKLivioo3UH6k9Q2hEvJ7bWhPZYrpyYo16pXL5JuBVNzDR1ue2O7ZA/IjAqZrINLpKS/rt1Z81N90hULihD8K3ReYs7GjaYLWp1MwU0AlACkconHZITZnFRiPFkeP4gYp7F/mRrcCWyndxUj3OTlURKspz7nt36okXn9cmov8hqmzwnDV6WeMW1kvbbygUVyFpITOoLSkMq3rmpWOJOVzd2WQ/YO5CsTNB9ZLcqCvHQf1Jtx3Ho+oyB4IR3XKA4HPKrtYtgi+9bha+wkki3VXreshSJhajYdaShNBVn6TgfiywNCG9YVQgac/GYEVO1m+fpYJjP95LkeqdX3vW5bhrmISyCg7yGAI5MwpthlMAA7B4i/BwLnoCfrDcaCtj5G0dj67LxsuOINNRs05rCmThcpVbDGoViBZII12oiaMQdSKBaoYiXOrPwHxrg9n1ks61MdgzzC7G6HMUISiHlkRE8LIldLLqcexjYhzKpSbH+Nvdf+Ku6GPCjOq/vMRExqZNQOjR6/DcLFKEl8yX3SXGkfIoCwW5aaG50gNRoL8/4UxODTfnsbxyrXUvpldSisU4HpVOFMK7lqmLUOkKUIIG855gaUnnPkUuPr1cW/XW0tSnIzluHOuxsSmSzAzQq4XnOYBC9zc+fYC+5xKzsej1xp66nI2f7hwvo4ruOEGjKXgVdzzQ6vHbIK1y5qUt42hRpi3Sj3kQXnIbHroni+z71xbrbBqR0lO5CQ0w7rnZ0jjIbj7jQeXQx2Dx/K5fBUL8YBAEcwDdsk1RyEbKODOvai/Tyxn33xmpOEjpbdck4vva5aNXtqy49pL2DxwUo/Ri9M8ZWWjaRShuok9exLz6JX3onjBPD9LAfPJrNoo7L3+z7NFw+OyHnCM1SA8xYmt/Jng+WTHd6SZUWJ/vOOfgUI3io1t7wegjmodb7yy+HAWUJO6fPhBWcGx6GquDc6CeVnGjtm+twgAUY0hQSjPZ9/yiHiYvhv+SbVBDHHK6RlkRP5CzwbXRVbkD9fI1ZmH1IBd9QRYAp0EnzeJSweYo8N5/DI+2/TesgFQw2bdBsn+xRlzA9S6SdmPJLp4Hhj2vSqgpCNxd2a0GKlfHbM6LIqJgKYLpI48e7DSH1pWzD7B43j8Fv6miuaGQU78RtxuTetnTo4njntoA/gR4LF7BqZuqoTeB+my3AoQSml83DvTfs68WcefxUDXbYdWh0LKWY7sZRHWefJ/miRNOxljvQf82c9jowkJFL5iKTQbaLKxRUe/6Yta39gaYO0c4  Connection: Keep-Alive  Host: r1-08-qa                HTTP/1.1 401 Unauthorized              Content-Length: 83              Content-Type: text/html              Server: Microsoft-IIS/6.0              WWW-Authenticate: Negotiate oYGLMIGIoAMKAQGhCwYJKoZIgvcSAQIConQEcmBwBgkqhkiG9xIBAgIDAH5hMF+gAwIBBaEDAgEepBEYDzIwMDkwNDIyMTMwODQ5WqUFAgMC7LSmAwIBKakMGwpaQVJJT04uQ09NqiYwJKADAgEDoR0wGxsEaG9zdBsTcjEtMDgtcWEuemFyaW9uLmNvbQ==              X-Powered-By: ASP.NET              Date: Wed, 22 Apr 2009 13:08:49 GMT              Proxy-Support: Session-Based-Authentication                <html><head><title>Error</title></head><body>Error: Access is Denied.</body></html>      GET /tp2v3.administration.website/default.aspx HTTP/1.1  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/xaml+xml, application/vnd.ms-xpsdocument, application/x-ms-xbap, application/x-ms-application, application/x-silverlight, */*  Accept-Language: en-ie  UA-CPU: x86  Accept-Encoding: gzip, deflate  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)  Host: r1-08-qa  Connection: Keep-Alive  Authorization: Negotiate oYIKDjCCCgqiggoGBIIKAmCCCf4GCSqGSIb3EgECAgEAboIJ7TCCCemgAwIBBaEDAgEOogcDBQAgAAAAo4ID/WGCA/kwggP1oAMCAQWhDBsKWkFSSU9OLkNPTaIbMBmgAwIBAqESMBAbBEhUVFAbCHIxLTA4LXFho4IDwTCCA72gAwIBF6EDAgEwooIDrwSCA6t/KEYVjGYGHuzZHMIgzUJCcBM+502dyaVZeY71+YzvCb7ha2SI4lTu+8oifn8MK1Uj23nqFgFNvRelFfffPDkJYf+oGuYLSkrWsb1sh2mwt42NTd9zj2U0WNrPIR5QNACouDUyTNr4sOJiF9oNWB6ttnd8GowqdyZFqQP5So0SRn0MseHnF1slSZo07PQNIobI9EC8vfPYu3k8xlIpqdpem6tXxn/pYptOID3pV1tv1wgLcyR6YWcYgjfE5ath7LRoqRPe0w2a0c7OUDyqgiWuoe440eKhGGlMS3FrIVPrqXM4sBvembyaNTXxuk9XBXwEo28FARbFaZUdY1kjBhh4ziMQtoc8tEMbDP5i2qveOCx3LOXu2oL2TV3x9H6eAfPCOqidecOKv+EL9LZDaJzD6VFvNuBRo8Wil+z7E9/XBd91fBS5PHGDhCrp2GMf6o9B9ogCeBEBjC+alOmeYxoYB2qWasgZeOq9DhZ+NlQgR9ITtlzNVCQwu4/sE4TVw1mnLU/JXz3sXpQIVhQdG1iKK6JiKVJ1jLYjPHPB5dQZUOAKMaiTQ24MsE5hJf43GrIqh3oG44hY0JfiBbbBF9Ss1cI4tvZ6nAsAcAvE0ea+J25P6KXcDsBO08kE8jDOUKsENE0l0hcF084fz9lricM2zVi7qMg7KtbRufAKjP7oyiZHIQjAe9JQh7+1YSMXXKEKbA/HAI0AZBLwZOT2LXDwoy+JKlK3FNesJe8PpzrcMFOFYRw4Bv50IKZhglsekAZHVcyG0Maoibt4JbpilvASxbGoKA1qhpXRDuZnBGkgapsm4CQHDepSTBtRP+RjxvXXHsK4R4fyAnR7OeJRfoegdrkKsBEnmLOBFCmClaW4Z1bdRMDbgU1EAT5u/dAK7BXWzFHRGgJ6aNx7lBCmMBau0PFDLJzslqAQ5yM+RCx9knIQ8I7m+XNtxKWpSAYqg1RW4LccN1zGsiZAJhFCQztMtUmnY0F9C8k2xPbJ8uU57wY/kCB9Zy8rzgqaTNSsxih1UxPUwDMBvnEhbVQlTuv+P0nsSB5ERPbIcRc/0OrrHlc+iLeWXFwWvi9zIofQdDQzGqX1a0FJy3/AQNpmkoRO33GHJpXHUuuz92aD7auoNTObfFJlv/Febo9S5k6++lwZP4PJm/UA/bdJ6scAdYqXrIE/RQ3zwoVVnPxrw3M/T6ZE7nplrxKXU3Y7r2JH1NdLZmlvOdn/2YFVo99N9s5//OrRhgmnRxrRRECkggXRMIIFzaADAgEXooIFxASCBcAo8OmqGmZIMmXyPQxyeHuiNXnOsbTtwF/mNvGct9fCJEBOAdr0JtPmD/4PZGvfgtgF5Wq3XCKeS5At79Jk4x1hYDb5geZdVTirrGpta7Jc8gbdSsagNhIB86sotgte5s7389f78a0xqY/t2EV6PJy/59tGJHIGmElP1tDCvoFLsGLXx17KsRyVCwepRhefQolUq8h2FxmGJa5J8CFvXmOJjq8sytR4650vcSAKyazUpE3ygvsiQSWgzmOqPm54+IlHT8Wx32rhMWqCSRYasTbcaxaZXq8X6gQN5hO4jozrrM8xoEhbHjhEOJWqbeX85eh4p5ANk4Ggaly2JoMxwTa95TQdur3esMc5GRV7Bd/XVNpMPs9Iovvu43c+cJuMFgOCo1+0kCeTOXqGOJ/2qK2HjriEPV71q/re2VUf0sRgBdFKwPGRBge1KKFj/aTneN9L0YITPW3jBQzo1tptgpYlUSoK6LcKHm2V+zoIW+dfUVJlT1Zvgj7dSFJHz/Up70pKe0s7/5sW42zbB4g2ooaIWI9m0IVrn9ZdkTNbwwsJ/b6zyf1S+5d1vs5Hpp3DUSQe5D2EuAQPYPWWNKjhDK3KYbOZ8N/26qYXGxr/mLYLbR7xrRj3iDTHPUUyp2/whI+Cp09Bp4rZX9oFeKu6wWVsevMZXNSqdGWcJAjeK1vZKKmgXRxCrdhEf1RBPq78t+QLuzZSbNSX7ZUUPrgIAf7OvzEKBq1zt+NSf30++mPOF+0QGXNyusZQVIESsy4STIEMguM94m/8jykFfRM+m6a5dAKFAVCfwk36+4Vj+kR+4ZrwjQ+vpmluzrAencKuWOuFABZvZrZ/zxEn+NgaatBhfi71bxAan+i0q4+bJf1g/Lgamhuywdo7B9SjnLU2Y5vsWAn5Q0hMQOwTA9mf7Ba/652pmHaox3nAmBZFhTILD3loPjCAhT7LtylTBLEyWV2Mo9jTos17rM0zxVLkFz1uwW6Lvok8bxucMfvv6nUSggeg4ZVdvkCBUDwpDwykskbxJpIlnL1BBPlqBr9qOLYhhZgCXJkBvvB8i50NEtCMfBAGgHJyZo5xx8oYVk+kilunhHPAS8Z3D1bOyMyI4UZbNmHjstKW1/j3AedwQcwcC9Ws3nIlZW929+NJOQtsErkUz1tAFbH+lOc/CCtJkBfV8psAbj6mhaF4ZzR6hiGaz3U4Mf68eupzrlRd2bEeYv/pqM32lHW9yurtBipLux9bCZ4jCbZ8XXHcLmr1f1rDLV/nGEkiv07BDx6xDWZW//jY2D3P/sVovlMkgl/Qqd95ZJZvEIN6xtL0Rm1Pn3M19gb0K1MSx5gDGiKRn0BvQHgi/D2EW0eZ2cmI75zQfh4ztkd2G1HmYRqnp9V67lX1OZApWQPeBLarakgEZ3SQAQ0m9JaHQIdLX+pkrmJtqti0U1vF6Hk1IetZynH/29JGOiO2cKCpV+OsJQi/IfCRAwfCFxjIT1FpBtTPPCVe2U/8ca3NlrA0ftQIGS4lTGv/4A20dTEQo16s/B1ty9WXhf4M/OPq4BwJK9y7+pXzskxIDUymnMa3XdYuz90WnebDFv9y2eqThXVQ34TDmV7TnMiNU7KDeZ6gm/XYl0g0NxMZpHqXT+XElSgF2aUa0gyu9SPfFhWnBfq95hB8Af6ydvzWBs/PKROjg9wYvXDnJUegQpb0RTrry1cHCv950tFC0zh7XtQIZtXF2GBwrGZPasjSP1MAfitzAGUOlyVj16cQId3wRO/6XqJO8FLsIe6vngtpHQ8cVmg9EXiiVprtE7aoo8yTHllCX4ZutvL4AToNJVGEnea6FsSCDwRhUQLwTgh0fnpTjW9hW3aWbjjwbIjiwJVvHkn4G3xv7urHdXAWy91xM8McrZXL7pU32eCRfNQmoeuSBkekOQZFjz3nwaWfmcSAQIlJHn87NlJMZeLDhAHDtZd8z+mOp5prBP9TVA==                HTTP/1.1 401 Unauthorized              Content-Length: 83              Content-Type: text/html              Server: Microsoft-IIS/6.0              WWW-Authenticate: Negotiate oX0we6ADCgEBonQEcmBwBgkqhkiG9xIBAgIDAH5hMF+gAwIBBaEDAgEepBEYDzIwMDkwNDIyMTMwODQ5WqUFAgMDKb2mAwIBKakMGwpaQVJJT04uQ09NqiYwJKADAgEDoR0wGxsEaG9zdBsTcjEtMDgtcWEuemFyaW9uLmNvbQ==              X-Powered-By: ASP.NET              Date: Wed, 22 Apr 2009 13:08:49 GMT              Proxy-Support: Session-Based-Authentication                <html><head><title>Error</title></head><body>Error: Access is Denied.</body></html>  

Network Credentials Dialogue then pop's up.

FireFox Requests/Responses Till the 1st Successful Request.

GET /tp2v3.administration.website/default.aspx HTTP/1.1  Host: r1-08-qa  User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.9) Gecko/2009040821 Firefox/3.0.9 (.NET CLR 3.5.30729)  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8  Accept-Language: en-ie  Accept-Encoding: gzip,deflate  Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7  Keep-Alive: 300  Connection: keep-alive                HTTP/1.1 401 Unauthorized              Content-Length: 83              Content-Type: text/html              Server: Microsoft-IIS/6.0              WWW-Authenticate: Negotiate              WWW-Authenticate: NTLM              X-Powered-By: ASP.NET              Date: Wed, 22 Apr 2009 13:11:04 GMT              Proxy-Support: Session-Based-Authentication                <html><head><title>Error</title></head><body>Error: Access is Denied.</body></html>      GET /tp2v3.administration.website/default.aspx HTTP/1.1  Host: r1-08-qa  User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.9) Gecko/2009040821 Firefox/3.0.9 (.NET CLR 3.5.30729)  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8  Accept-Language: en-ie  Accept-Encoding: gzip,deflate  Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7  Keep-Alive: 300  Connection: keep-alive  Authorization: NTLM TlRMTVNTUAABAAAAB7IIogYABgAwAAAACAAIACgAAAAFASgKAAAAD05MWVNBR0hUWkFSSU9O                HTTP/1.1 401 Unauthorized              Content-Length: 83              Content-Type: text/html              Server: Microsoft-IIS/6.0              WWW-Authenticate: NTLM TlRMTVNTUAACAAAADAAMADgAAAAFgomiKWBzG8sls3wAAAAAAAAAAIIAggBEAAAABQLODgAAAA9aAEEAUgBJAE8ATgACAAwAWgBBAFIASQBPAE4AAQAQAFIAMQAtADAAOAAtAFEAQQAEABQAegBhAHIAaQBvAG4ALgBjAG8AbQADACYAcgAxAC0AMAA4AC0AcQBhAC4AegBhAHIAaQBvAG4ALgBjAG8AbQAFABQAegBhAHIAaQBvAG4ALgBjAG8AbQAAAAAA              X-Powered-By: ASP.NET              Date: Wed, 22 Apr 2009 13:11:04 GMT              Proxy-Support: Session-Based-Authentication                <html><head><title>Error</title></head><body>Error: Access is Denied.</body></html>    GET /tp2v3.administration.website/default.aspx HTTP/1.1  Host: r1-08-qa  User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.9) Gecko/2009040821 Firefox/3.0.9 (.NET CLR 3.5.30729)  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8  Accept-Language: en-ie  Accept-Encoding: gzip,deflate  Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7  Keep-Alive: 300  Connection: keep-alive  Authorization: NTLM TlRMTVNTUAADAAAAGAAYAHQAAAAYABgAjAAAAAwADABIAAAAEAAQAFQAAAAQABAAZAAAAAAAAACkAAAABYKIogUBKAoAAAAPWgBBAFIASQBPAE4AbgBsAHkAcwBhAGcAaAB0AE4ATABZAFMAQQBHAEgAVABY8nEGtCxA6AAAAAAAAAAAAAAAAAAAAADypTTGGfNQwTDfUA8dB2VSGiRZStKTPIU=                HTTP/1.1 200 OK              Date: Wed, 22 Apr 2009 13:11:04 GMT              Server: Microsoft-IIS/6.0              X-Powered-By: ASP.NET              X-AspNet-Version: 2.0.50727              Set-Cookie: ASP.NET_SessionId=30ys5zfxo1ove145a4zukkul; path=/; HttpOnly              Cache-Control: private              Content-Type: text/html; charset=utf-8              Content-Length: 7501                    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">                <html xmlns="http://www.w3.org/1999/xhtml" >              <head id="ctl00_Head1"><title>                  TP2v3 Administration              </title><link href="App_Themes/MSN_CherryBlossom/default.css" type="text/css" rel="stylesheet" /><link href="/TP2v3.Administration.WebSite/Static/Css/Style.css" type="text/css" rel="stylesheet" /><script type="text/javascript" src="/TP2v3.Administration.WebSite/Static/Scripts/Constants.aspx"></script><script type="text/javascript" src="/TP2v3.Administration.WebSite/Static/Scripts/Common.js"></script></head>              <body class="RootSectionColour">                    <form name="aspnetForm" method="post" action="default.aspx" id="aspnetForm">              <div>              <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTgyODQ0Mzk3MQ9kFgJmD2QWAgIBD2QWAgICDw8WAh4EVGV4dAUESG9tZWRkZJ5c9WxhLKzCw+RVx9xZf+7hTJ7f" />              </div>                        <table border="0" cellpadding="5" cellspacing="0" style="width: 100%; height: 100%">                          <tr>                              <td style="width: 200px;" class="RootSectionColour" valign="top" >                                  <a href="/TP2v3.Administration.WebSite/"><img id="ctl00_Image2" border="0" src="static/images/adminlogo.gif" style="border-width:0px;" /></a>                                  <table border="0" cellpadding="0" cellspacing="5" style="width: 100%">                                      <tr>                              <td valign="top">                                  <div class="Menu">              <div class="CurrentUser">ZARION\nlysaght</div><br />              <div class="MenuItem ApplicationsSectionColour MenuItemNotSelected"><img src="/TP2v3.Administration.WebSite/Static/Images/applications16x16.gif" /> <a href="/TP2v3.Administration.WebSite/ApplicationConfiguration">Servers</a>              </div>              <div class="MenuItem SystemSectionColour MenuItemNotSelected"><img src="/TP2v3.Administration.WebSite/Static/Images/system16x16.gif" /> <a href="/TP2v3.Administration.WebSite/SystemConfiguration">System</a>              <div class="MenuItem SystemSectionColour"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="/TP2v3.Administration.WebSite/SystemConfiguration/Attributes">Attributes</a></div>              <div class="MenuItem SystemSectionColour"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="/TP2v3.Administration.WebSite/SystemConfiguration/BaseFields">Base Fields</a></div>              <div class="MenuItem SystemSectionColour"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="/TP2v3.Administration.WebSite/SystemConfiguration/Classes">Classes</a></div>              <div class="MenuItem SystemSectionColour"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="/TP2v3.Administration.WebSite/SystemConfiguration/CommonConfiguration">Common Config</a></div>              <div class="MenuItem SystemSectionColour"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="/TP2v3.Administration.WebSite/SystemConfiguration/PooledUserGroups">Pooled User Groups</a></div>              <div class="MenuItem SystemSectionColour"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="/TP2v3.Administration.WebSite/SystemConfiguration/SqlConnections">SQL Connections</a></div>              <div class="MenuItem SystemSectionColour"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="/TP2v3.Administration.WebSite/SystemConfiguration/WorkQueues">Work Queues</a></div>              <div class="MenuItem SystemSectionColour"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="/TP2v3.Administration.WebSite/SystemConfiguration/Diagnostics">Diagnostics</a></div>              </div>              <div class="MenuItem ModulesSectionColour MenuItemNotSelected"><img src="/TP2v3.Administration.WebSite/Static/Images/modules16x16.gif" /> <a href="/TP2v3.Administration.WebSite/Modules">Modules</a>              <div class="MenuItem ModulesSectionColour"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="/TP2v3.Administration.WebSite/Modules/DocLink">Document Link</a></div>              <div class="MenuItem ModulesSectionColour"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="/TP2v3.Administration.WebSite/Modules/DRT">DEC</a></div>              <div class="MenuItem ModulesSectionColour"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="/TP2v3.Administration.WebSite/Modules/EmailGateway">Email Gateway</a></div>              <div class="MenuItem ModulesSectionColour"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="/TP2v3.Administration.WebSite/Modules/Metrics">Metrics</a></div>              <div class="MenuItem ModulesSectionColour"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="/TP2v3.Administration.WebSite/Modules/TP2Monitor">TP2 Monitor</a></div>              <div class="MenuItem ModulesSectionColour"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="/TP2v3.Administration.WebSite/Modules/WorkRating">Work Rating</a></div>              <div class="MenuItem ModulesSectionColour"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="/TP2v3.Administration.WebSite/Modules/Converter">Converter</a></div>              <div class="MenuItem ModulesSectionColour"> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <a href="/TP2v3.Administration.WebSite/Modules/Acknowledgement">Acknowledgements</a></div>              </div>              <div class="MenuItem UsersSectionColour MenuItemNotSelected"><img src="/TP2v3.Administration.WebSite/Static/Images/user16x16.gif" /> <a href="/TP2v3.Administration.WebSite/Users">Users</a>              </div>              <div class="MenuItem GroupsSectionColour MenuItemNotSelected"><img src="/TP2v3.Administration.WebSite/Static/Images/group16x16.gif" /> <a href="/TP2v3.Administration.WebSite/Groups">Groups</a>              </div>              </div>                                </td>                          </tr>                      </table>                              </td>                              <td valign="top">                                  <div class=Breadcrumbs>                                  <table class="SimpleTable">                                  <tr>                                  <td>                                  <span id="ctl00_lblTrail">Home</span>                                  </tr>                                  </table>                                  </div>                                                        <div class="Breadcrumbs RootSectionColour">              <table class="SimpleTable"><tr><td>              </td><td align="right">              </td></tr></table>              </div>                       <p><h1>touchpoint2 v3 Administration</h1></p>                   <table class="SimpleTable" cellpadding="4" cellspacing="12">                  <tr>                      <td class="ApplicationsSectionColour HomePageSection">                          <a href="/TP2v3.Administration.WebSite/ApplicationConfiguration"><img src="/TP2v3.Administration.WebSite/Static/Images/Applications48x48.gif" />                             Servers</a>                                  </td>                      <td class="SystemSectionColour HomePageSection">                           <a href="/TP2v3.Administration.WebSite/SystemConfiguration"><img src="/TP2v3.Administration.WebSite/Static/Images/System48x48.gif" />                            System</a>                       </td>                  </tr>                  <tr>                      <td class="ModulesSectionColour HomePageSection">                          <a href="/TP2v3.Administration.WebSite/Modules"><img src="/TP2v3.Administration.WebSite/Static/Images/Modules48x48.gif" />                            Modules</a>                      </td>                      <td class="UsersSectionColour HomePageSection">                          <a href="/TP2v3.Administration.WebSite/Users"><img src="/TP2v3.Administration.WebSite/Static/Images/User48x48.gif" />                             Users</a>                       </td>                  </tr>                  <tr>                      <td class="GroupsSectionColour HomePageSection">                           <a href="/TP2v3.Administration.WebSite/Groups"><img src="/TP2v3.Administration.WebSite/Static/Images/Group48x48.gif" />                             Groups</a>                      </td>                      <td>                               </td>                  </tr>                 </table>                                  </td>                          </tr>                      </table>                  </form>              </body>              </html>  

Page then displays successfully.


Solution:7

Given the other answers: what if you set up a dummy domain name in your client's hosts file, to fool Internet Explorer in thinking it's not a local address?

And maybe the following will get you into the right direction, though I doubt it:

I've set up many instances of Tomcat server sitting behind IIS (because part of the functionality of the site needed IIS to get, don't ask, Microsoft DRM running). If memory serves me well, Tomcat (or the ISAPI Tomcat Connector) would never be given the Basic Authentication headers supplied by Internet Explorer, as IIS took those away after failing to use the credentials for the Windows Authentication (which I did not ask for when sending the Authorization Required response in Tomcat...). However, in Firefox I could trick IIS by hitting Cancel in the login dialog. Next, a second dialog would be shown, which would then work fine. That second dialog would also show the realm specified in Tomcat, while the first would show some generic IIS message. Disabling Integrated Security in IIS did the trick for us.

So: are the prompts the same in Internet Explorer and Firefox? And maybe you can play around with hitting Cancel upon first login -- of course, that won't solve your problem, but maybe you get more details... Or maybe you can change the order of the supported authentication methods in IIS, or remove Basic Authentication altogether?


Solution:8

not sure if this will work but when i was mucking around with spnego authentication and firefox i hade to:

about:config

search for negotiate

add the server to trusted-uris

EDIT: looks like firefox is using old NTLM and IE is doing negotiate authentication which kinda explains why firefox is working. i susepct if you add your server to the trusted spnego urls firefox will stop working as well.


Solution:9

Could this be the case?

Internet Explorer must consider the requested URL to be on the intranet (local). If the computer name portion of the requested URL contains periods, Internet Explorer assumes that the requested address exists on the Internet and does not pass any credentials automatically. Addresses without periods are considered to be on the intranet (local); Internet Explorer passes credentials automatically. The only exception is addresses included in the Intranet zone in Internet Explorer.

Source: KB atricle


Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »