Archive for November, 2009

Why should the FQDN make a difference when using Integrated Security authentication?

We run a few internal applications that are addressed using a FQDN:

http://site.domain.com/our_app

The applications are also available through the server name:

http://site/our_app

We’ve had a strange issue with one of our applications that requires ‘Integrated Security’ authentication.

A few of our users, who run IE6 (because that’s what they are forced to use) get prompted for credentials.

You’d assume that since IE knows who the user is, that it would simply provide it to the application, and it would allow access.

I’ve done a little digging at it would seem we are not the only people with this issue.

It would seem that this is a browser, rather than application related issue:

Best explanation award foes to Windows IT Pro:

It would seem the only short term solution is to provide the fix to the user community before we can update group policy (if this is possible!)

SC


By SpittingCAML in ASP.NET, IIS, Security  .::. (Add your comment)


You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.