Authentication Header not always Sent

[Tyler Robbins]

I am seeing that IE will not always sent the
Authentication header for
files protected with Basic Authentication. This causes
some of my
users to get repeatedly prompted for their username and
password.

Using HTTPWatch (great tool), I can easily watch the
Authentication
header get passed for every file. Then, on some files
(fairly
consistent which ones), it won't pass the Authentication
header, and
the browser prompts for a password. You can easily enter
the same
username/password and it will accept it and pass the
header. I have
double- and triple-checked that the security on this file
is the same.

My configuration: I have an IIS 5.0/Win2K server with
Basic
Authentication on all the files. On the client I have
Win2k with IE6.
Not all machines have this problem, even ones that
seemingly have the
same configuration. But we have seen it on NT, Win2K and
XP running
IE6.

Why is this happening? Anyone else dealing with this?

 

[H Leboeuf]

Check this out.

Internet Explorer Always Prompts for Authentication When Browsing to Web
Sites Already Logged on to
When you connect through a caching ISA Proxy that has anonymous access, and
you try to perform a NT LAN Manager (NTLM) Authentication with an IIS4 or
IIS5 Web server, Internet Explorer 6.0 may not automatically authenticate
with NTLM pre-authorization (PreAuth). Instead, you may be continually
prompted to authenticate.
http://support.microsoft.com/?kbid=820780 (i. e. 6. W98/se/ME/NT4/W2000/XP
9/19/2003)

 

[Tyler Robbins]

Henri, thanks for your response. The symptom does sound the same,
although we're not connecting through a proxy so I'm not sure if this
is the issue. Certainly worth trying the hotfix. Do you happen to know
how to get these? Do I need to call Microsoft?

 

[H Leboeuf]

Call MS and just ask for the fix nothing else there will not be any charges.
Make sure of it.