Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Repeated prompts for user name/password using Digest Authentication with IIS

Repeated prompts for user name/password using Digest Authentication with IIS

View products that this article applies to.

Symptoms

When you attempt to use Microsoft FrontPage 2000 Service Release 1 (SR-1) or Microsoft FrontPage 2002 to author a Web site using Digest Authentication on a server running Microsoft Internet Information Services (IIS), you are continually prompted for a user name and password.

If you click Cancel in the Password dialog box, the Wecerr.txt file will contain an error message similar to the following:
01/01/2001 12:00:00

You are not authorized to perform the current operation.
NOTE: Microsoft Internet Information Services (IIS) version 5.0 and later can use a form of Internet security named Digest Authentication, which is defined in a Requests For Comment (RFC). An RFC is a document series that describes the Internet suite of protocols and related experiments.

For more information about Digest Authentication, please see the RFC 2617: HTTP Authentication: Basic and Digest Access Authentication document located at the following Web site:
http://rfc.net/rfc2617.html

↑ Back to the top

Cause

This problem can occur if the Web site is not configured for Anonymous access to the Shtml.dll file in the FrontPage Server Extensions. In addition to using Digest Authentication to authenticate users for Web authoring, Microsoft FrontPage also needs Anonymous access to the Shtml.dll file for certain other operations.

↑ Back to the top

Resolution

To correct this problem when using Digest Authentication, enable Anonymous access. To do this, follow these steps:
  1. On the Windows Start menu, point to Programs, point to Administrative Tools, and then click Internet Services Manager.
  2. Right-click the Web site on which you want to enable Anonymous access and click Properties on the menu that appears.
  3. In the Properties dialog box, click the Directory Security tab.
  4. In the Anonymous access and authentication control section, click Edit.
  5. In the Authentication Methods dialog box, click to select the Anonymous access check box and click OK.

    NOTE: The Digest authentication for Windows domain servers check box should already be selected.
  6. Click OK to close the Web site Properties dialog box.

↑ Back to the top

Workaround

As an alternative to using Digest Authentication, FrontPage 2000 Service Release 1 (SR-1) and FrontPage 2002 support the following authentication methods on IIS:
  • Windows Integrated Security on Microsoft Windows 2000.
  • Windows NTLM on Microsoft Windows 95, Microsoft Windows 98, Microsoft Windows Millennium Edition (Me), and Microsoft Windows NT 4.0.
  • Basic/Clear Text on all versions of Windows.
NOTE Basic authentication should be used only in conjunction with Secure Authoring (SSL) to protect user names and passwords. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
205698 How to use Secure Sockets Layer to help protect pages in your Web
For more information about these authentication methods, click the following article number to view the article in the Microsoft Knowledge Base:
264921 How IIS authenticates browser clients

↑ Back to the top

More information

For more information, click the following article number to view the article in the Microsoft Knowledge Base:
222028 Setting up Digest Authentication for use with Internet Information Services 5.0

↑ Back to the top

Keywords: KB291373, kbprb, kbfix

↑ Back to the top

Article Info
Article ID : 291373
Revision : 5
Created on : 1/31/2007
Published on : 1/31/2007
Exists online : False
Views : 228