I have a server that hosts a few intranet sites. The one that all my coworkers have their Home Page set for causes their browser to authenticate, which is all good.
The one i'm working on now requires Anonymous Access in order to work, but the authentication from the first one is carrying over to the other. Can I use WWW-Authenticate to force anonymous access isntead of using it to force NTLM, Basic, etc?
One of our webdev guys is having trouble with IIS set up on his system, particularly with anonymous authentication. On all of his web instances, he can get to non-asp pages but all asp pages return 401.3. when using HTTP/1.0 or a proxy server. It doesn't seem to be at all related to the file system, because a test file has wide-open access. And it only happens with script pages; html or other files can be retrieved
The anonymous user is the one the iis install generated, and the "IIS controls the account password" box is checked. Everything looks like it's set up properly and the same way it is on other systems. There are no authentication errors in his system's event log. So what is asp.dll not liking.
I have what I think is a simple question but I am finding nothing but complicated answers.I have a web site running on IIS6. One directory used to use an alternate account as the anonymous user (not the IUSR_ServerName account) to connect to a database, etc. Now the pages in that directory no longer do anything special and I just want to start using the default IUSR_ServerName account again. I put that account back in, but what do I put in as the password? I am reading all about security improvements, network service vs. local system, unprivileged vs. priveleged, etc. I realize there is no longer a "Let IIS control password for anonymous account" option, but all I want to know is, HOW DO YOU GET IT BACK TO THE DEFAULT
I often have permission problems when I move my pages unto different servers.It would be very handy if I could programmatically determine the anonymous user account name from my asp page.How can this be done since it is not in the request header for anonymous requests?
IIS set up after VS.NET. On a virtual directory for a web app...I go to properties and click on the 'Directory Security' tab, click the 'Edit' button,check anonymous access, type in username/password for account, check 'Integrated Windows authentication' at the bottom...then OK out.
in web.config, I add the tag identity impersonate="true" />
firstload I get the account I typed in above...on postback it changes to my personal windows account. strange. Also when I switch on the anon user account for the whole website it works.
I'm creating a simple email form with just a text area field and a submit button. I want it to send to my mailbox. I want the senders email address to be anonymous. I don't know any server side scripting, so I'm hoping somebody can tell me how to build the .asp page to send the email. Code:
I have a 2 win2k3 SP1 AD Domain controllers and a win2k3 IIS 6.0 webserver, this is not in the domain. The webserver is in a DMZ. I'm trying to make an asp page that authenticates against AD, so all my company users will have to provide the username and password, that should match AD, before going through to the next page.
I need to be able to autoexecute an asp page from a batch file that is placed in the windows scheduler.
I can execute the page fine, but I can't get past the authentication. How do I pass the username and password to windows via the URL automatically so this can be done without any user action? This is not a https but it uses integrated windows authentication.
I get the user name from the login to the asp page. What I need to find out is the account active or is it disabled. Some users of the site are from the out side world these are OK. The problem is when an employee quits or is canned and their network acount is disabled. I need to find out if their account is disabled.
A freshly installed IIS on my Windows XP SP2 does not allow anonymous acces to the default ASP file (localstart.asp). I just used default configuration for installation, which enables anonymous access. But when I load http://localhost I just get a login box. A simple index.html placed manually for debugging purpose loads without login prompt.
I am testing the same thing on a Windows XP (w/o SP2). ASP works for anonymous access like a charm.
I have several website that use asp pages and backend databases running on my win2000 server. I removed everyone from the permissions on all of my Hard drives and added the annonymous user to the winnt folder and the wwwroot folder and all of the folders within these directories. Now my sites that just run straight html work fine but my sites with .asp pages are having problems.
However if I add the Domain Administrator account as the annonymous user to the site it will work. Then I have reverted back to the I_USR account and the site still works until the server has to be rebooted. At this point the site won't work until I add and then remove the admin user as the annonymous user to the site.
I am working on a website for an intranet and need to know how I can authenticate by validating my user/password at ASP webpage against the winNT user/password. So not using a 2nd storage of passwords, but simply using the one set for login to the workstation/server.
I found one thread but it was PHP based. I did however notice some comment by alexgreg, so it makes me believe it IS possible. The thread taught me it is possible with PHP, but that it would be easier with ASP... so my question is how
Quote: Originally Posted by alexgreg You can't interface with the Windows password list via PHP, since it's a closed (but not overly secure) standard. The only way I ... the Linux machine, and then use the database for authentication. But this would be very complicated.
You could use PHP to call an ASP script on the NT server, using cURL (HTTP library for PHP) to send it the username/password and then get the HTTP response back and re-translate this into a true/false value. This would be a lot simpler than the above solution.
Very curious how to achieve this. I tried searching the web with google, but I ended up with loads of results, but I still haven't found what I need. The bold part above makes me believe it's not that hard to achieve, one just has to know how
I'd like to set up a new web page that I'm writing in ASP so that it requires the users to authenticate using their domain accounts. The domain controller is Windows 2000 Server which is a member of my University's active directory. Does anyone know if this is even possible?
when I turn off Anonymous in IIs I get this Error : HTTP 401.2 - Unauthorized: Logon failed due to server configuration
This is usually caused by a server-side script not sending the proper WWW-Authenticate header field. Using Active Server Pages scripting this is done by using the AddHeader method of the Response object to request that the client use a certain authentication method to access the resource.
I have created an appln in ASP to upload some files.and through my appln when i click the link i can view them. but if i know the path where the files are stored,i can just type in the url in my browser and still open the file.
i want to avoid other people from viewing these files and only want them to open through my appln.How can this be achieved? Also this application is hosted a hosting company on a shared server.so not sure if there are limitations as to the solution in that environment.
I would like to be able to pass a request to IIS to have a user name and password authenticated against my Active Directory Users database. I'm running Server 2003 however my web pages are build using ASP (not .NET).
What I want to do is to open the standard User Name/Password form (I don't know how to do that either) and then make my request and get back a True/False result. There must be a way to do that but I haven't found it after 3 hours of searching the web.
How can I create new folders on the server, via ASP programming, which automatically allows by any user:
1. Files to be browsed 2. Anonymous upload to this directory 3. Allow uploaded files to over-write the existing file
I use the following ASP codes to create new folders, but all above options are off and I cannot e.g., upload (via ASP programming) to upload a file in the new directory because the option is off.
Set fs = CreateObject("Scripting.FileSystemObject") set b = fs.CreateFolder(newFolder)
I'm going to make a database of rude words, that i do not want users to name themselves when they use my scoreboard. I need my asp to scan their string and if a word from the database appears replace the entire string with anonymous.
I have some code which was designed to astrisk out all but the first and last letter of any appearing rude word
eg: d**n this b****y game or godd**nit
i have changed this to just replace each word to anonymous, but cant get it to the stage above, can any one help? My code so far is below. Code:
My main page shows a table to which a user can add data to by clicking on a button, this in turn loads up a pop up window where the data to be entered is typed. Once the data is submitted the popup window is closed via Close button, but the table on the main IE page only shows the updated information if the refresh button is clicked.
All i want to know is, is there a way of forcing refresh of the main page when the close button in the popup window is clicked. Code used for the close button:
I need to find a way to force all the asp code on a web page to load regardless if the user hits the reload or stop button on the browser. I am seeing where more and more users are doing this and it is causing me some problems on some pages. I would guess there is a way to do this I am just searching for the wrong thing?
how would i for a browser to download a file (specifically mpgs) i can get it to go for small 4mb files, but the larger ones if they do go, take bout 15 mins to even begin the download.
I'm trying to create mp3 downloader and force download instead open in explorer. it's ok if the song is at my server but what if songs are at another server. I try to split full path to file path and file name but doesn't work. Script don't work if is song at my server and path to song start with http://www...
Every time my page loads in IE6 the navigation reloads. How do I stop this happening? It works fine in FireFox.
I do have <% response.expires = -1 %> at the top of my page. Would this affect the navigation graphics as well?Can I force a user's browser to cache the nav?
Is there a way to force a file to be saved instead of using the "default action". In my situation, I've got a series of MP3 files that are being used by my chorus as a learning tool for learning the current music quickly. I have instructions on the site telling them to save the files to their hard drives and to play them from there.
However, people are just clicking on the links and their default MP3 players are trying to play the files. Now, I have compressed the files pretty hard because some were griping about the filesizes, so if they are played right off the link, the quality is a bit choppy. If they save it to their hard drive and play it there, it sounds fine.
Just curious: is there a bit of ASP code you can place in the top of a document that will force all root relative image and file paths in the HTML of this doc to expand to include the full URL?
I doubt it, but before I did it manually, I thought I'd ask. We use a template of sorts, but need one document to use the full URL, and it would better to just have it that way in the one document and not the entire template.
I'm trying to force a file download using ASP but not getting very far... I want the browser to send .pdf files to the user rather than trying to open them within IE (or wotever browser). Does anyone know what code I should use for this?
Is there a way I can force a Save As dialog? I have a page with a bunch of files listed for download. Unfortunately, these files attempt to open directly in the browser. I need a way to force a Save As.
I need to make it so that I can download a .WMV video file. because giving users the direct link doesn't work and I think its alot better than asking them to right click and save item as..
The below code forces a prompt to the user to open or save the .pdf file file to their local machine. It seems to work great except I have one user who can not open any .pdfs using this prompting method. He gets an error that says "File could not be found". However, if we choose the 'save' option instead, we can save the file to his local machine. He can open .pdf files from normal links to .pdf files. It's just this prompting method that is causing a problem. So, I'm perplexed.
I did some digging and found that there is also an FSO (File System Object) method (which may or may not solve my problem), but I'm not sure how to impliment the FSO or if that will even help me with this.