Client cant see login box?

C

Clark

I have a password protected subweb on my site, and have one client who cannot
ever "see" the login box, and thus cannot login.

It is as if her machine is remembering a bad password for her, and trying to
login automatically, and failing. But login failure does not re-produce the
login box for her -- it takes her to the standard "You are not authorized to
view this page" message. So she never sees the login box.

The above information may not be what is happening, but is a descriptive
interpretation of it.

I can duplicate the error message only by purposely providing false credentials
3 times in a row to the login box.

The url is www.ownertrades.com and the links to the subweb are "Exchange Center"
and "find an exchange"

Any ideas of the cause of this and/or the fix?

Thanks
 
S

Steve Easton

Have the client close the browser and then clear the Temporary internet, history and cookie files.
Then reopen the browser and try.


--
Steve Easton
Microsoft MVP FrontPage
95isalive
This site is best viewed............
........................with a computer
 
A

Andrew Murray

I tried the link and get a "you're not authorised..." page (no login box at
all).
 
C

Clark

Andrew -- this is great! It is real hard working with my member because she
doesnt know too much about computers :=( and since I cant replicate the
problem it's hard to help her.

But I would be most grateful if I could work with you to find out why you dont
get the login box, since you undoubtedly are seeing the same problem she is
seeing.

I'm not hopeful the suggestion mentioned earlier in the thread by Steve would
enable you to login -- did you try that?

Is there anything noteworthy about your setup? Are you behind a proxy server? Or
using a pop-up blocker that acts like a proxy server in some sense? Anything
else?

This is a basic no-frills FrontPage 2000 generated subweb set up with a
username and password.

I appreciate any thoughts --

Clark
 
S

Steve Easton

Ok, on my machine clicking Find an exchange from the exchange center page brings up the password
dialog.

Clicking Exchange center from the home page does not because the file is in the root directory and
not the subweb.

--
Steve Easton
Microsoft MVP FrontPage
95isalive
This site is best viewed............
........................with a computer
 
A

Andrew Murray

Usually a login should come up anyway for protected pages - the 403
"Forbidden" error certainly suggests your protection is working, just not
prompting for those who have the authority.

I'm no expert in this (I've never done this method of subwebs and setting
permissions). I've always used third-party products, and since my site is
on Linux, I use the htaccess/htpasswd method (equivalent I suppose, of what
you're trying to do on,presuming a Windows server?).

I've done a couple of sites hosted on Windows, with FPSE etc but have not
used done anything such as creating subwebs or password protecting folders.

I have ZoneAlarm blocking popup ads but that's all.

Sorry, I couldn't tell you a thing about proxy servers - I'm not that
technically minded.

and yes, I cleaned out history, internet cache and temp internet files;
still do not get the log on prompt.
The actual message I get is below:


You are not authorized to view this page
You do not have permission to view this directory or page using the
credentials that you supplied because your Web browser is sending a
WWW-Authenticate header field that the Web server is not configured to
accept.
--------------------------------------------------------------------------------

Please try the following:

a.. Contact the Web site administrator if you believe you should be able
to view this directory or page.
b.. Click the Refresh button to try again with different credentials.
HTTP Error 401.2 - Unauthorized: Access is denied due to server
configuration. Internet Information Services (IIS)

--------------------------------------------------------------------------------

Technical Information (for support personnel)

a.. Go to Microsoft Product Support Services and perform a title search
for the words HTTP and 401.
b.. Open IIS Help, which is accessible in IIS Manager (inetmgr), and
search for topics titled About Security, Authentication, and About Custom
Error Messages.

Sorry I couldn't assist more.


--
Andrew Murray
Perth Western Australia
---------------------------------------------------------------------------------------
Please reply to Newsgroup - emails will be blacklisted.

Outgoing messages scanned with VET antivirus.
 
C

Clark

Yes Steve, that is exacty how it is supposed to work. Clicking on the Exchange
Center link of the home page takes you to the Exchange Center page itself, and
it is from that page that clicking on the "find and exchange" link is supposed
to bring up the dialog box.

The site works normally for you.
 
C

Clark

Would you mind (I know it's a long shot) turning off the pop-up blocker of zone
alarm and see if that makes a difference?

Also, when I purposely provide a bad password 3 times in a row, I get an error
message that is somewhat different from what you get -- mine does not give the
reason for not being allowed access as being: "your Web browser is sending a
WWW-Authenticate header field that the Web server is not configured to accept."

I just get: "You do not have permission to view this directory or page using
the credentials that you supplied" -- no reason supplied.

Perhaps someone can comment on the meaning of: "your Web browser is sending a
WWW-Authenticate header field that the Web server is not configured to accept."
?

Thanks
 
S

Stefan B Rusynko

Also try sending her a link to a file w/i the protected site
Like http://www.ownertrades.com/membersearch/ instead of http://www.ownertrades.com/membersearch/findpartners2.asp
(your ASP script challenges the user to log in)




| Have the client close the browser and then clear the Temporary internet, history and cookie files.
| Then reopen the browser and try.
|
|
| --
| Steve Easton
| Microsoft MVP FrontPage
| 95isalive
| This site is best viewed............
| .......................with a computer
|
| | > I have a password protected subweb on my site, and have one client who cannot
| > ever "see" the login box, and thus cannot login.
| >
| > It is as if her machine is remembering a bad password for her, and trying to
| > login automatically, and failing. But login failure does not re-produce the
| > login box for her -- it takes her to the standard "You are not authorized to
| > view this page" message. So she never sees the login box.
| >
| > The above information may not be what is happening, but is a descriptive
| > interpretation of it.
| >
| > I can duplicate the error message only by purposely providing false credentials
| > 3 times in a row to the login box.
| >
| > The url is www.ownertrades.com and the links to the subweb are "Exchange Center"
| > and "find an exchange"
| >
| > Any ideas of the cause of this and/or the fix?
| >
| > Thanks
|
|
 
S

Steve Easton

Works fine here. Windows 2000 Pro IE 6.

--
Steve Easton
Microsoft MVP FrontPage
95isalive
This site is best viewed............
........................with a computer
 
C

Clark

That's a good idea to try Stefan. I will ask Andrew to try this later in the
thread since he replicates the problem
 
S

Stefan B Rusynko

I get a login challenge for that link




| Andrew -- Stefan made a suggestion above that I wonder if you could try. Please
| try linking into the search page directly by clicking on the link below and
| let me know if you get the login box.
|
| www.ownertrades.com/membersearch/backdoorentry.htm
|
| Thanks for helping with this.
|
| Clark
|
| On Wed, 26 Jan 2005 07:31:29 +0800, "Andrew Murray" <[email protected]>
| wrote:
|
| >Usually a login should come up anyway for protected pages - the 403
| >"Forbidden" error certainly suggests your protection is working, just not
| >prompting for those who have the authority.
| >
| >I'm no expert in this (I've never done this method of subwebs and setting
| >permissions). I've always used third-party products, and since my site is
| >on Linux, I use the htaccess/htpasswd method (equivalent I suppose, of what
| >you're trying to do on,presuming a Windows server?).
| >
| >I've done a couple of sites hosted on Windows, with FPSE etc but have not
| >used done anything such as creating subwebs or password protecting folders.
| >
| >I have ZoneAlarm blocking popup ads but that's all.
| >
| >Sorry, I couldn't tell you a thing about proxy servers - I'm not that
| >technically minded.
| >
| >and yes, I cleaned out history, internet cache and temp internet files;
| >still do not get the log on prompt.
| >The actual message I get is below:
| >
| >
| >You are not authorized to view this page
| >You do not have permission to view this directory or page using the
| >credentials that you supplied because your Web browser is sending a
| >WWW-Authenticate header field that the Web server is not configured to
| >accept.
| >--------------------------------------------------------------------------------
| >
| >Please try the following:
| >
| > a.. Contact the Web site administrator if you believe you should be able
| >to view this directory or page.
| > b.. Click the Refresh button to try again with different credentials.
| >HTTP Error 401.2 - Unauthorized: Access is denied due to server
| >configuration. Internet Information Services (IIS)
| >
| >--------------------------------------------------------------------------------
| >
| >Technical Information (for support personnel)
| >
| > a.. Go to Microsoft Product Support Services and perform a title search
| >for the words HTTP and 401.
| > b.. Open IIS Help, which is accessible in IIS Manager (inetmgr), and
| >search for topics titled About Security, Authentication, and About Custom
| >Error Messages.
| >
| >Sorry I couldn't assist more.
|
 
C

Clark

Yes, thanks Stefan. So do I.

But the real question is whether Andrew gets it because up to now, he has not
been able to ever see the login box -- just an access denied message
 
Top