4

I'm am developing an application to use windows authentication.

In IIS anonymous access is turned off

In my web.config file I have:

<authentication mode="Windows" />

and

<authorization><allow users="*" /></authorization>

This works fine in the development environment, but when I deploy, some of the users get a windows login popup. Entering their user name & password works, but sometimes they need to fill it in several times during a page load!

Clicking cancel seems to be acceptable, and the pages load after one or more popups are dismissed.

This does not occur on all client machines, it does not occur consistently on the same pages either - it all seems quite random!

One user claims that he eventually had his NT account locked out after canceling too many times (I still need to verify this).

I assume that the problem must be client-side, as it doesn't happen on every machine. Clients are using IE 6 browsers. Authentication is set to 'automatic logon only in intranet zone'.

Any ideas what could be causing this?

Uwe Keim
  • 39,551
  • 56
  • 175
  • 291
Ragaei Mahmoud
  • 65
  • 1
  • 5

2 Answers2

1

Entering their user name & password works, but sometimes they need to fill it in several times during a page load!

When I had this problem, it was because my web pages referred to locally stored resources with full URL including the domain.

Instead of 

<script type="text/javascript" src="/include/wz_tooltip.js" />
<img src="/images/logo.png" />

I had there the addresses with full domain

<script type="text/javascript" SRC="http://example.com/include/wz_tooltip.js" />
<img src="http://example.com/images/logo.png" />

and the browser probably somehow didn't re-use the session for the resources and requested the user authentication again for each single resource.

Honza Zidek
  • 9,204
  • 4
  • 72
  • 118
0

Check this it just might help your problem.This is from another post on stackflow. Click the link.

Login prompt with IE

Community
  • 1
  • 1
Postonoh
  • 60
  • 1
  • 13