Gallardo, Lisa wrote:
I have sspi module enabled on website (windows 2003, apache 2.0) and
have googled to figure out how to get the login prompt to prompt at
least 3 times (if incorrect password submitted) but so far only get one
prompt and then error page of no access which freaks folks out. Plus,
they can't go back or refresh page because it's set in their cookies.
Is there somewhere in the httpd.conf file I can set more than one login
prompt for the site?
To answer you second question first : I don't think so. This kind of
thing is more likely due to the browser settings.
But there is something else that bothers me above :
When you use something like sspi, it is usually because you want the
users browsers, in an Intranet that is also a Windows Domain, to be able
to authenticate to the Apache webserver using their Windows Domain
user-id (which is already known to the workstation at that point, since
they have already logged in to the Windows Domain).
In that context, when the login dialog even appears once in the browser,
it is already an indication of a failure.
It means that the (automatic) Windows authentication has failed, and
that the browser is "falling back" to Basic authentication. And since
the server will not accept this form of authentication, the browser
login will *never* succeed. No matter how often the login dialog comes back.
Now, assuming your users are in an Intranet and a Windows Domain, I
would first check the configuration of the browsers, and particularly a
checkbox somewhere (in IE) saying "Allow Windows Integrated Authentication".
And if the browsers are not directly inside the Domain, then you may
also want to add your webserver's hostname to the list of "trusted hosts".
Try again then and let us know.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
